Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20029 | 2 Google, Mediatek | 39 Android, Mt6761, Mt6762 and 36 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150.
|
|||||
| CVE-2022-20010 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213519176
|
|||||
| CVE-2022-1987 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
|
Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.
|
|||||
| CVE-2022-1927 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Buffer Over-read in GitHub repository vim/vim prior to 8.2.
|
|||||
| CVE-2022-1908 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
|
Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.
|
|||||
| CVE-2022-1907 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
|
Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.
|
|||||
| CVE-2022-1899 | 1 Radare | 1 Radare2 | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0.
|
|||||
| CVE-2022-1858 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction.
|
|||||
| CVE-2022-1851 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
|
|||||
| CVE-2022-1769 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974.
|
|||||
| CVE-2022-1738 | 1 Fujielectric | 1 D300win | 2024-11-21 | N/A | 8.7 HIGH |
|
Fuji Electric D300win prior to version 3.7.1.17 is vulnerable to an out-of-bounds read, which could allow an attacker to leak sensitive data from the process memory.
|
|||||
| CVE-2022-1720 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
|
|||||
| CVE-2022-1714 | 1 Radare | 1 Radare2 | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.
|
|||||
| CVE-2022-1629 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution
|
|||||
| CVE-2022-1623 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:624, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
|
|||||
| CVE-2022-1622 | 4 Apple, Fedoraproject, Libtiff and 1 more | 7 Iphone Os, Macos, Tvos and 4 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.
|
|||||
| CVE-2022-1587 | 4 Fedoraproject, Netapp, Pcre and 1 more | 17 Fedora, Active Iq Unified Manager, H300s and 14 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.
|
|||||
| CVE-2022-1534 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
|
Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.
|
|||||
| CVE-2022-1533 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. This vulnerability is capable of arbitrary code execution.
|
|||||
| CVE-2022-1508 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 6.1 MEDIUM |
|
An out-of-bounds read flaw was found in the Linux kernel’s io_uring module in the way a user triggers the io_read() function with some special parameters. This flaw allows a local user to read some memory out of bounds.
|
|||||
| CVE-2022-1452 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
|
Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html).
|
|||||
| CVE-2022-1451 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
|
Out-of-bounds Read in r_bin_java_constant_value_attr_new function in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end 2f the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. More details see [CWE-125: Out-of-bounds read](https://cwe.mitre.org/data/definitions/125.html).
|
|||||
| CVE-2022-1441 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow.
|
|||||
| CVE-2022-1427 | 1 Mruby | 1 Mruby | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Out-of-bounds Read in mrb_obj_is_kind_of in in GitHub repository mruby/mruby prior to 3.2. # Impact: Possible arbitrary code execution if being exploited.
|
|||||
| CVE-2022-1404 | 1 Deltaww | 1 Cncsoft | 2024-11-21 | N/A | 3.3 LOW |
|
Delta Electronics CNCSoft (All versions prior to 1.01.32) does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.
|
|||||
| CVE-2022-1402 | 1 Deltaww | 1 Asda Soft | 2024-11-21 | 5.8 MEDIUM | 7.8 HIGH |
|
ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds read condition.
|
|||||
| CVE-2022-1354 | 5 Debian, Fedoraproject, Libtiff and 2 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service.
|
|||||
| CVE-2022-1297 | 1 Radare | 1 Radare2 | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.
|
|||||
| CVE-2022-1296 | 1 Radare | 1 Radare2 | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash.
|
|||||
| CVE-2022-1276 | 1 Mruby | 1 Mruby | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.
|
|||||
| CVE-2022-1207 | 1 Radare | 1 Radare2 | 2024-11-21 | 4.3 MEDIUM | 6.6 MEDIUM |
|
Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary.
|
|||||
| CVE-2022-1069 | 1 Softing | 6 Edgeaggregator, Edgeconnector, Opc and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
|
A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22.
|
|||||
| CVE-2022-1056 | 2 Libtiff, Netapp | 2 Libtiff, Active Iq Unified Manager | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.
|
|||||
| CVE-2022-0924 | 4 Debian, Fedoraproject, Libtiff and 1 more | 4 Debian Linux, Fedora, Libtiff and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.
|
|||||
| CVE-2022-0806 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.
|
|||||
| CVE-2022-0792 | 1 Google | 1 Chrome | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-0717 | 1 Mruby | 1 Mruby | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2.
|
|||||
| CVE-2022-0630 | 1 Mruby | 1 Mruby | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
|
Out-of-bounds Read in Homebrew mruby prior to 3.2.
|
|||||
| CVE-2022-0623 | 1 Mruby | 1 Mruby | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Out-of-bounds Read in Homebrew mruby prior to 3.2.
|
|||||
| CVE-2022-0534 | 2 Debian, Htmldoc Project | 2 Debian Linux, Htmldoc | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault).
|
|||||