Total
7200 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-29273 | 1 Adobe | 1 Substance 3d Painter | 2024-08-02 | 7.8 High |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-29279 | 1 Adobe | 1 Substance 3d Painter | 2024-08-02 | 5.5 Medium |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-29275 | 1 Adobe | 1 Substance 3d Painter | 2024-08-02 | 7.8 High |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-29280 | 1 Adobe | 1 Substance 3d Painter | 2024-08-02 | 7.8 High |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-29089 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2024-08-02 | 6.8 Medium |
| An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages. | ||||
| CVE-2023-29053 | 1 Siemens | 2 Jt Open Toolkit, Jt Utilities | 2024-08-02 | 7.8 High |
| A vulnerability has been identified in JT Open (All versions < V11.3.2.0), JT Utilities (All versions < V13.3.0.0). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2024-38481 | 1 Dell | 1 Emc Idrac Service Module | 2024-08-02 | 4.8 Medium |
| Dell iDRAC Service Module version 5.3.0.0 and prior, contain a Out of bound Read Vulnerability. A privileged local attacker could execute arbitrary code potentially resulting in a denial of service event. | ||||
| CVE-2023-28866 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-02 | 5.3 Medium |
| In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not. | ||||
| CVE-2023-28541 | 1 Qualcomm | 426 Aqt1000, Aqt1000 Firmware, Ar8031 and 423 more | 2024-08-02 | 7.8 High |
| Memory Corruption in Data Modem while processing DMA buffer release event about CFR data. | ||||
| CVE-2023-28555 | 1 Qualcomm | 153 Ar8035, Ar8035 Firmware, Fastconnect 6200 Firmware and 150 more | 2024-08-02 | 7.5 High |
| Transient DOS in Audio while remapping channel buffer in media codec decoding. | ||||
| CVE-2023-28542 | 1 Qualcomm | 422 315 5g Iot, 315 5g Iot Firmware, 315 5g Iot Modem Firmware and 419 more | 2024-08-02 | 7.8 High |
| Memory Corruption in WLAN HOST while fetching TX status information. | ||||
| CVE-2023-28543 | 1 Qualcomm | 8 Qcs405, Qcs405 Firmware, Qcs605 and 5 more | 2024-08-02 | 8.1 High |
| A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote source). | ||||
| CVE-2023-28571 | 1 Qualcomm | 172 8098, 8098 Firmware, 8998 and 169 more | 2024-08-02 | 6.1 Medium |
| Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. | ||||
| CVE-2023-22233 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-08-02 | 5.5 Medium |
| After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-25862 | 1 Adobe | 1 Illustrator | 2024-08-02 | 5.5 Medium |
| Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-28445 | 1 Deno | 3 Deno, Deno Runtime, Serde V8 | 2024-08-02 | 10 Critical |
| Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the only version affected is Deno 1.32.0. Deno Deploy users are not affected. The problem has been resolved by disabling resizable ArrayBuffers temporarily in Deno 1.32.1. Deno 1.32.2 will re-enable resizable ArrayBuffers with a proper fix. As a workaround, run with `--v8-flags=--no-harmony-rab-gsab` to disable resizable ArrayBuffers. | ||||
| CVE-2023-28448 | 1 Versionize Project | 1 Versionize | 2024-08-02 | 5.7 Medium |
| Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the ‘Versionize::deserialize’ implementation provided by the ‘versionize’ crate for ‘vmm_sys_utils::fam::FamStructWrapper', which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise. | ||||
| CVE-2023-28404 | 2 Intel, Microsoft | 3 Arc A Graphics, Iris Xe Graphics, Windows | 2024-08-02 | 3.8 Low |
| Out-of-bounds read in the Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2023-28376 | 1 Intel | 14 Ethernet Network Adapter E810-2cqda2, Ethernet Network Adapter E810-2cqda2 Firmware, Ethernet Network Adapter E810-cqda1 and 11 more | 2024-08-02 | 6.5 Medium |
| Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2023-28204 | 3 Apple, Redhat, Webkitgtk | 8 Ipados, Iphone Os, Macos and 5 more | 2024-08-02 | 6.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. | ||||