Vulnerabilities > Marvell > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-08-25 CVE-2020-15641 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
5.0
2020-08-25 CVE-2020-15640 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
5.0
2019-06-04 CVE-2019-10636 Resource Exhaustion vulnerability in Marvell products
Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS1092, 88SS1095, 88SS9174, 88SS9175, 88SS9187, 88SS9188, 88SS9189, 88SS9190, 88SS1085, 88SS1087, 88SS1090, 88SS1100, 88SS1084, 88SS1088, & 88SS1098) devices allow reprogramming flash memory to bypass the secure boot protection mechanism.
local
low complexity
marvell CWE-400
4.9
2009-11-12 CVE-2007-5475 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements.
network
low complexity
marvell linksys CWE-119
6.8
2008-09-05 CVE-2008-1197 Improper Input Validation vulnerability in multiple products
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID."
6.3
2008-09-05 CVE-2008-1144 Improper Input Validation vulnerability in multiple products
The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length."
6.3