Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-42063 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-16 | N/A | 7.8 HIGH |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a r ...
Show More |
|||||
| CVE-2023-42064 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-16 | N/A | 7.8 HIGH |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a r ...
Show More |
|||||
| CVE-2023-42065 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-16 | N/A | 5.5 MEDIUM |
|
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can resu ...
Show More |
|||||
| CVE-2023-42066 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-16 | N/A | 5.5 MEDIUM |
|
PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of J2K files. The issue results from the lack of proper validation of user-supplied data, which can resu ...
Show More |
|||||
| CVE-2023-42067 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-16 | N/A | 5.5 MEDIUM |
|
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JB2 files. The issue results from the lack of proper validation of user-supplied data, which can resu ...
Show More |
|||||
| CVE-2023-42068 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-16 | N/A | 5.5 MEDIUM |
|
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JB2 files. The issue results from the lack of proper validation of user-supplied data, which can resu ...
Show More |
|||||
| CVE-2023-42070 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-16 | N/A | 5.5 MEDIUM |
|
PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result ...
Show More |
|||||
| CVE-2023-42072 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-16 | N/A | 5.5 MEDIUM |
|
PDF-XChange Editor JPC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of JPC files. The issue results from the lack of proper validation of user-supplied data, which can resu ...
Show More |
|||||
| CVE-2023-42073 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-05-16 | N/A | 5.5 MEDIUM |
|
PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an alloca ...
Show More |
|||||
| CVE-2024-31150 | 2025-05-16 | N/A | 3.8 LOW | ||
|
Out-of-bounds read for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable information disclosure via local access.
|
|||||
| CVE-2025-20101 | 2025-05-16 | N/A | 8.4 HIGH | ||
|
Out-of-bounds read for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable information disclosure or denial of service via local access.
|
|||||
| CVE-2022-25665 | 1 Qualcomm | 168 Aqt1000, Aqt1000 Firmware, Ar8035 and 165 more | 2025-05-15 | N/A | 6.8 MEDIUM |
|
Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
|
|||||
| CVE-2022-25663 | 1 Qualcomm | 62 Aqt1000, Aqt1000 Firmware, Qca1062 and 59 more | 2025-05-15 | N/A | 5.5 MEDIUM |
|
Possible buffer overflow due to lack of buffer length check during management frame Rx handling lead to denial of service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
|
|||||
| CVE-2022-42901 | 1 Bentley | 2 Microstation, View | 2025-05-15 | N/A | 7.8 HIGH |
|
Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds and stack overflow issues when opening crafted XMT files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View.
|
|||||
| CVE-2022-42900 | 1 Bentley | 2 Microstation, View | 2025-05-15 | N/A | 7.8 HIGH |
|
Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read issues when opening crafted FBX files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View.
|
|||||
| CVE-2022-42899 | 1 Bentley | 2 Microstation, View | 2025-05-15 | N/A | 7.8 HIGH |
|
Bentley MicroStation and MicroStation-based applications may be affected by out-of-bounds read and stack overflow issues when opening crafted SKP files. Exploiting these issues could lead to information disclosure and code execution. The fixed versions are 10.17.01.58* for MicroStation and 10.17.01.19* for Bentley View.
|
|||||
| CVE-2021-46840 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-15 | N/A | 9.1 CRITICAL |
|
The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
|
|||||
| CVE-2021-46839 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-15 | N/A | 9.1 CRITICAL |
|
The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
|
|||||
| CVE-2022-38998 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-15 | N/A | 7.5 HIGH |
|
The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.
|
|||||
| CVE-2022-38984 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-15 | N/A | 7.5 HIGH |
|
The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.
|
|||||
| CVE-2022-38981 | 1 Huawei | 1 Harmonyos | 2025-05-15 | N/A | 7.5 HIGH |
|
The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information leakage.
|
|||||
| CVE-2022-41594 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 3.4 LOW |
|
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
|
|||||
| CVE-2022-41593 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 3.4 LOW |
|
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
|
|||||
| CVE-2022-41592 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 3.4 LOW |
|
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
|
|||||
| CVE-2022-41580 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 9.8 CRITICAL |
|
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
|
|||||
| CVE-2022-41597 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 3.4 LOW |
|
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
|
|||||
| CVE-2022-41595 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 3.4 LOW |
|
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
|
|||||
| CVE-2022-41598 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 3.4 LOW |
|
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
|
|||||
| CVE-2022-41302 | 1 Autodesk | 1 Fbx Software Development Kit | 2025-05-14 | N/A | 7.8 HIGH |
|
An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
|
|||||
| CVE-2022-41601 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 3.4 LOW |
|
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
|
|||||
| CVE-2022-41600 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 3.4 LOW |
|
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
|
|||||
| CVE-2022-41585 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 7.8 HIGH |
|
The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.
|
|||||
| CVE-2022-41584 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 7.8 HIGH |
|
The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting.
|
|||||
| CVE-2022-41583 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 7.5 HIGH |
|
The storage maintenance and debugging module has an array out-of-bounds read vulnerability.Successful exploitation of this vulnerability will cause incorrect statistics of this module.
|
|||||
| CVE-2022-41581 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 9.1 CRITICAL |
|
The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access.
|
|||||
| CVE-2022-41577 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 7.1 HIGH |
|
The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability.
|
|||||
| CVE-2022-41603 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | N/A | 3.4 LOW |
|
The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service.
|
|||||
| CVE-2024-39720 | 1 Ollama | 1 Ollama | 2025-05-13 | N/A | 8.2 HIGH |
|
An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file, the attacker can crash the application through the CreateModel route, leading to a segmentation fault (signal SIGSEGV: segmentation violation).
|
|||||
| CVE-2024-12055 | 1 Ollama | 1 Ollama | 2025-05-13 | N/A | 7.5 HIGH |
|
A vulnerability in Ollama versions <=0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service (DoS) attack. The root cause of the issue is an out-of-bounds read in the gguf.go file.
|
|||||
| CVE-2025-4098 | 2025-05-12 | N/A | N/A | ||
|
Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape.
|
|||||