Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed.

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed.

Memory corruption when user provides data for FM HCI command control operations.

Transient DOS while handling PS event when Program Service name length offset value is set to 255.

Memory corruption when Alternative Frequency offset value is set to 255.

Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.

Memory corruption when allocating and accessing an entry in an SMEM partition.

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.