Total
7200 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-43533 | 1 Qualcomm | 476 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 473 more | 2024-08-02 | 7.5 High |
| Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. | ||||
| CVE-2024-27094 | 2024-08-02 | 6.5 Medium | ||
| OpenZeppelin Contracts is a library for secure smart contract development. The `Base64.encode` function encodes a `bytes` input by iterating over it in chunks of 3 bytes. When this input is not a multiple of 3, the last iteration may read parts of the memory that are beyond the input buffer. The vulnerability is fixed in 5.0.2 and 4.9.6. | ||||
| CVE-2023-42886 | 1 Apple | 1 Macos | 2024-08-02 | 7.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. A user may be able to cause unexpected app termination or arbitrary code execution. | ||||
| CVE-2023-42862 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-08-02 | 6.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. | ||||
| CVE-2023-42731 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-08-02 | 4.4 Medium |
| In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-42720 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-08-02 | 5.5 Medium |
| In video service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-42726 | 2 Google, Unisoc | 12 Android, S8000, Sc9863a and 9 more | 2024-08-02 | 4.4 Medium |
| In TeleService, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-42725 | 2 Google, Unisoc | 12 Android, S8000, Sc9863a and 9 more | 2024-08-02 | 4.4 Medium |
| In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-42723 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 5.5 Medium |
| In camera service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-42724 | 2 Google, Unisoc | 12 Android, S8000, Sc9863a and 9 more | 2024-08-02 | 4.4 Medium |
| In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-42683 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 4.4 Medium |
| In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-42680 | 2 Google, Unisoc | 12 Android, S8000, Sc9863a and 9 more | 2024-08-02 | 4.4 Medium |
| In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-42684 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-02 | 4.4 Medium |
| In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-42538 | 1 Samsung | 1 Android | 2024-08-02 | 5.9 Medium |
| An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | ||||
| CVE-2023-42536 | 1 Samsung | 1 Android | 2024-08-02 | 8.4 High |
| An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | ||||
| CVE-2023-42109 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2024-08-02 | N/A |
| PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22136. | ||||
| CVE-2023-42107 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2024-08-02 | N/A |
| PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22134. | ||||
| CVE-2023-42106 | 2024-08-02 | N/A | ||
| PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22133. | ||||
| CVE-2023-42110 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2024-08-02 | N/A |
| PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22137. | ||||
| CVE-2023-42113 | 2024-08-02 | N/A | ||
| PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22147. | ||||