Total
7200 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-48958 | 1 Libarchive | 1 Libarchive | 2024-10-11 | 7.8 High |
| execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. | ||||
| CVE-2024-48957 | 1 Libarchive | 1 Libarchive | 2024-10-11 | 7.8 High |
| execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst. | ||||
| CVE-2023-42719 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-10-11 | 5.5 Medium |
| In video service, there is a possible out of bounds read due to a incorrect bounds check. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2024-34122 | 2 Adobe, Microsoft | 2 Acrobat, Edge Chromium | 2024-10-11 | 7.8 High |
| Acrobat for Edge versions 126.0.2592.68 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-38682 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-10-11 | 7.8 High |
| A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-39182 | 1 Siemens | 1 Solid Edge | 2024-10-11 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-39183 | 1 Siemens | 1 Solid Edge | 2024-10-11 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-39184 | 1 Siemens | 1 Solid Edge | 2024-10-11 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-39185 | 1 Siemens | 1 Solid Edge | 2024-10-11 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-39188 | 1 Siemens | 1 Solid Edge | 2024-10-11 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-39186 | 1 Siemens | 1 Solid Edge | 2024-10-10 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-33080 | 1 Qualcomm | 733 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 730 more | 2024-10-10 | 7.5 High |
| Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. | ||||
| CVE-2024-47420 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | 5.5 Medium |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-47419 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-10-10 | 5.5 Medium |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20102 | 2 Google, Mediatek | 9 Android, Mt3605, Mt6985 and 6 more | 2024-10-10 | 4.9 Medium |
| In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998892; Issue ID: MSV-1601. | ||||
| CVE-2023-39187 | 1 Siemens | 1 Solid Edge | 2024-10-10 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-20823 | 2 Google, Mediatek | 21 Android, Mt6768, Mt6781 and 18 more | 2024-10-10 | 4.4 Medium |
| In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592. | ||||
| CVE-2023-1532 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-10-10 | 8.8 High |
| Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-39396 | 1 Huawei | 2 Emui, Harmonyos | 2024-10-10 | 7.5 High |
| Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2017-3261 | 2 Oracle, Redhat | 6 Jdk, Jre, Enterprise Linux and 3 more | 2024-10-09 | N/A |
| Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts). | ||||