Total
7211 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-32166 | 2 Cloudbase, Debian | 2 Open Vswitch, Debian Linux | 2024-09-16 | 8.6 High |
| In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. | ||||
| CVE-2022-24383 | 1 Fujielectric | 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware | 2024-09-16 | 7.8 High |
| The affected product is vulnerable to an out-of-bounds read, which may result in code execution | ||||
| CVE-2017-13290 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69384124. | ||||
| CVE-2018-9451 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In DynamicRefTable::load of ResourceTypes.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-79488511. | ||||
| CVE-2017-10683 | 1 Mpg123 | 1 Mpg123 | 2024-09-16 | 7.5 High |
| In mpg123 1.25.0, there is a heap-based buffer over-read in the convert_latin1 function in libmpg123/id3.c. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2017-14407 | 1 Mp3gain | 1 Mp3gain | 2024-09-16 | N/A |
| A stack-based buffer over-read was discovered in filterYule in gain_analysis.c in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service. | ||||
| CVE-2017-3735 | 3 Debian, Openssl, Redhat | 3 Debian Linux, Openssl, Enterprise Linux | 2024-09-16 | N/A |
| While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g. | ||||
| CVE-2017-11089 | 1 Google | 1 Android | 2024-09-16 | N/A |
| In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes | ||||
| CVE-2017-14529 | 1 Gnu | 1 Binutils | 2024-09-16 | N/A |
| The pe_print_idata function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles HintName vector entries, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PE file, related to the bfd_getl16 function. | ||||
| CVE-2018-20618 | 1 Ok-file-formats Project | 1 Ok-file-formats | 2024-09-16 | 8.8 High |
| ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c. | ||||
| CVE-2017-8199 | 1 Huawei | 6 Max Presence, Max Presence Firmware, Tp3106 and 3 more | 2024-09-16 | N/A |
| MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot. | ||||
| CVE-2022-28258 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-09-16 | 5.5 Medium |
| Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-42342 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-09-16 | 5.5 Medium |
| Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2018-20201 | 1 Pur3 | 1 Espruino | 2024-09-16 | N/A |
| There is a stack-based buffer over-read in the jsfNameFromString function of jsflash.c in Espruino 2V00, leading to a denial of service or possibly unspecified other impact via a crafted js file. | ||||
| CVE-2020-28603 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2024-09-16 | 8.8 High |
| Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_prev(). | ||||
| CVE-2017-13168 | 2 Canonical, Google | 2 Ubuntu Linux, Android | 2024-09-16 | N/A |
| An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions: Android kernel. Android ID A-65023233. | ||||
| CVE-2021-40402 | 1 Gerbv Project | 1 Gerbv | 2024-09-16 | 7.5 High |
| An out-of-bounds read vulnerability exists in the RS-274X aperture macro multiple outline primitives functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.7.1 and 2.8.0. A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2018-8789 | 3 Canonical, Debian, Freerdp | 3 Ubuntu Linux, Debian Linux, Freerdp | 2024-09-16 | N/A |
| FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). | ||||
| CVE-2022-43596 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2024-09-16 | 5.9 Medium |
| An information disclosure vulnerability exists in the IFFOutput channel interleaving functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability. | ||||
| CVE-2022-34252 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-09-16 | 5.5 Medium |
| Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||