Vulnerabilities > Marvell > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-08 | CVE-2020-5804 | Path Traversal vulnerability in Marvell Qconvergeconslole GUI 5.5.0.74 Marvell QConvergeConsole GUI <= 5.5.0.74 is affected by a path traversal vulnerability. | 8.5 |
| 2020-12-18 | CVE-2020-5803 | Path Traversal vulnerability in Marvell Qconvergeconsole 5.5.00.74 Relative Path Traversal in Marvell QConvergeConsole GUI 5.5.0.74 allows a remote, authenticated attacker to delete arbitrary files on disk as SYSTEM or root. | 8.5 |
| 2020-08-25 | CVE-2020-15645 | Unrestricted Upload of File with Dangerous Type vulnerability in Marvell Qconvergeconsole This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. | 8.8 |
| 2020-08-25 | CVE-2020-15643 | Path Traversal vulnerability in Marvell Qconvergeconsole This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. | 8.8 |
| 2019-11-15 | CVE-2019-13582 | Out-of-bounds Write vulnerability in Marvell 88W8688 Firmware An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. | 7.5 |
| 2019-11-15 | CVE-2019-13581 | Out-of-bounds Write vulnerability in Marvell 88W8688 Firmware An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. | 7.5 |
| 2019-01-20 | CVE-2019-6496 | Out-of-bounds Write vulnerability in Marvell products The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks. | 8.3 |
| 2016-07-26 | CVE-2015-5738 | Information Exposure vulnerability in multiple products The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack. | 7.5 |
| 2008-10-14 | CVE-2008-4441 | Improper Input Validation vulnerability in Linksys Wap400N 1.2.14 The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197. | 7.1 |