Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-19 | CVE-2018-9366 | Integer Overflow or Wraparound vulnerability in Google Android In IMSA_Recv_Thread and VT_IMCB_Thread of ImsaClient.cpp and VideoTelephony.c, there is a possible out of bounds write due to an integer overflow. | 7.8 |
| 2024-11-19 | CVE-2018-9367 | Out-of-bounds Write vulnerability in Google Android In FT_ACDK_CCT_V2_OP_ISP_SET_TUNING_PARAS of Meta_CCAP_Para.cpp, there is a possible out of bounds write due to improper input validation. | 7.8 |
| 2024-11-19 | CVE-2018-9368 | Out-of-bounds Write vulnerability in Google Android In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. | 7.8 |
| 2024-11-19 | CVE-2018-9369 | Unspecified vulnerability in Google Android In bootloader there is fastboot command allowing user specified kernel command line arguments. | 7.3 |
| 2024-11-19 | CVE-2018-9370 | Out-of-bounds Write vulnerability in Google Android In download.c there is a special mode allowing user to download data into memory and causing possible memory corruptions due to missing bounds check. | 7.3 |
| 2024-11-19 | CVE-2024-52359 | Incorrect User Management vulnerability in IBM Concert Software IBM Concert Software 1.0.0, 1.0.1, 1.0.2, and 1.0.2.1 could allow an authenticated user to perform unauthorized actions that should be reserved to administrator used due to improper access controls. | 8.8 |
| 2024-11-19 | CVE-2018-9339 | Type Confusion vulnerability in Google Android 8.0/8.1 In writeTypedArrayList and readTypedArrayList of Parcel.java, there is a possible escalation of privilege due to type confusion. | 7.8 |
| 2024-11-19 | CVE-2018-9341 | Out-of-bounds Write vulnerability in Google Android In impeg2d_mc_fullx_fully of impeg2d_mc.c there is a possible out of bound write due to missing bounds check. | 7.8 |
| 2024-11-19 | CVE-2018-9344 | Improper Locking vulnerability in Google Android 8.1 In several functions of DescramblerImpl.cpp, there is a possible use after free due to improper locking. | 7.8 |
| 2024-11-19 | CVE-2024-21697 | Unspecified vulnerability in Atlassian Sourcetree 3.4.19/4.2.8 This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Sourcetree for Mac and Sourcetree for Windows customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Sourcetree for Mac 4.2: Upgrade to a release greater than or equal to 4.2.9 Sourcetree for Windows 3.4: Upgrade to a release greater than or equal to 3.4.20 See the release notes ([https://www.sourcetreeapp.com/download-archives]). | 8.8 |