Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-47363 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-47323 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
|
|||||
| CVE-2023-20609 | 2 Google, Mediatek | 11 Android, Mt6833, Mt6853 and 8 more | 2025-03-26 | N/A | 4.4 MEDIUM |
|
In ccu, there is a possible out of bounds read due to a logic error. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07570864; Issue ID: ALPS07570864.
|
|||||
| CVE-2022-1586 | 5 Debian, Fedoraproject, Netapp and 2 more | 18 Debian Linux, Fedora, Active Iq Unified Manager and 15 more | 2025-03-25 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.
|
|||||
| CVE-2024-27366 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-03-25 | N/A | 4.4 MEDIUM |
|
An issue was discovered in Samsung Mobile Processor, Wearable Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_scan_done_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.
|
|||||
| CVE-2024-27218 | 1 Google | 1 Android | 2025-03-25 | N/A | 5.5 MEDIUM |
|
In update_freq_data of , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2022-48293 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-24 | N/A | 6.5 MEDIUM |
|
The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2022-48292 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-24 | N/A | 6.5 MEDIUM |
|
The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2023-21012 | 1 Google | 1 Android | 2025-03-24 | N/A | 4.4 MEDIUM |
|
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029812
|
|||||
| CVE-2024-44199 | 1 Apple | 1 Macos | 2025-03-24 | N/A | 7.1 HIGH |
|
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause unexpected system termination or read kernel memory.
|
|||||
| CVE-2024-41311 | 2 Debian, Struktur | 2 Debian Linux, Libheif | 2025-03-24 | N/A | 8.1 HIGH |
|
In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.
|
|||||
| CVE-2025-30347 | 1 Varnish-software | 1 Varnish Enterprise | 2025-03-24 | N/A | 4.0 MEDIUM |
|
Varnish Enterprise before 6.0.13r13 allows remote attackers to obtain sensitive information via an out-of-bounds read for range requests on ephemeral MSE4 stevedore objects.
|
|||||
| CVE-2023-22353 | 1 Jtekt | 1 Screen Creator Advance 2 | 2025-03-21 | N/A | 7.8 HIGH |
|
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing control management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.
|
|||||
| CVE-2023-22350 | 1 Jtekt | 1 Screen Creator Advance 2 | 2025-03-21 | N/A | 7.8 HIGH |
|
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing parts management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.
|
|||||
| CVE-2023-22347 | 1 Jtekt | 1 Screen Creator Advance 2 | 2025-03-21 | N/A | 7.8 HIGH |
|
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing file structure information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.
|
|||||
| CVE-2023-22346 | 1 Jtekt | 1 Screen Creator Advance 2 | 2025-03-21 | N/A | 7.8 HIGH |
|
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing template information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.
|
|||||
| CVE-2023-0798 | 1 Libtiff | 1 Libtiff | 2025-03-21 | N/A | 6.8 MEDIUM |
|
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
|
|||||
| CVE-2023-0797 | 1 Libtiff | 1 Libtiff | 2025-03-21 | N/A | 6.8 MEDIUM |
|
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
|
|||||
| CVE-2023-0796 | 1 Libtiff | 1 Libtiff | 2025-03-21 | N/A | 6.8 MEDIUM |
|
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
|
|||||
| CVE-2023-0795 | 1 Libtiff | 1 Libtiff | 2025-03-21 | N/A | 6.8 MEDIUM |
|
LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.
|
|||||
| CVE-2024-35896 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-03-21 | N/A | 7.1 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: validate user input for expected length
I got multiple syzbot reports showing old bugs exposed
by BPF after commit 20f2505fb436 ("bpf: Try to avoid kzalloc
in cgroup/{s,g}etsockopt")
setsockopt() @optlen argument should be taken into account
before copying data.
BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]
BUG: KASAN: slab-out-of-bounds in copy_from_sockptr inclu ...
Show More |
|||||
| CVE-2023-22349 | 1 Jtekt | 1 Screen Creator Advance 2 | 2025-03-21 | N/A | 7.8 HIGH |
|
Out-of-bound read vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier because the end of data cannot be verified when processing screen management information. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution.
|
|||||
| CVE-2024-26896 | 1 Linux | 1 Linux Kernel | 2025-03-21 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: wfx: fix memory leak when starting AP
Kmemleak reported this error:
unreferenced object 0xd73d1180 (size 184):
comm "wpa_supplicant", pid 1559, jiffies 13006305 (age 964.245s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 1e 00 01 00 00 00 00 00 ................
backtrace:
[<5ca11420>] kmem_cache_alloc+0 ...
Show More |
|||||
| CVE-2024-26890 | 1 Linux | 1 Linux Kernel | 2025-03-21 | N/A | 6.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: btrtl: fix out of bounds memory access
The problem is detected by KASAN.
btrtl driver uses private hci data to store 'struct btrealtek_data'.
If btrtl driver is used with btusb, then memory for private hci data
is allocated in btusb. But no private data is allocated after hci_dev,
when btrtl is used with hci_h5.
This commit adds memory allocation for hci_h5 case.
================================================== ...
Show More |
|||||
| CVE-2024-27364 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-03-20 | N/A | 4.4 MEDIUM |
|
An issue was discovered in Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_roamed_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.
|
|||||
| CVE-2022-48651 | 1 Linux | 1 Linux Kernel | 2025-03-20 | N/A | 7.7 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
If an AF_PACKET socket is used to send packets through ipvlan and the
default xmit function of the AF_PACKET socket is changed from
dev_queue_xmit() to packet_direct_xmit() via setsockopt() with the option
name of PACKET_QDISC_BYPASS, the skb->mac_header may not be reset and
remains as the initial value of 65535, this may trigger slab-out-of-bounds
bugs as following ...
Show More |
|||||
| CVE-2024-26970 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-03-20 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
clk: qcom: gcc-ipq6018: fix terminating of frequency table arrays
The frequency table arrays are supposed to be terminated with an
empty element. Add such entry to the end of the arrays where it
is missing in order to avoid possible out-of-bound access when
the table is traversed by functions like qcom_find_freq() or
qcom_find_freq_floor().
Only compile tested.
|
|||||
| CVE-2024-6779 | 1 Google | 1 Chrome | 2025-03-20 | N/A | 9.6 CRITICAL |
|
Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2024-54937 | 1 Lopalopa | 1 E-learning Management System | 2025-03-20 | N/A | 5.3 MEDIUM |
|
A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets.
|
|||||
| CVE-2024-27380 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-03-20 | N/A | 6.0 MEDIUM |
|
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_set_delayed_wakeup_type(), there is no input validation check on a length of ioctl_args->args[i] coming from userspace, which can lead to a heap over-read.
|
|||||
| CVE-2020-14410 | 3 Debian, Fedoraproject, Libsdl | 3 Debian Linux, Fedora, Simple Directmedia Layer | 2025-03-20 | 5.8 MEDIUM | 5.4 MEDIUM |
|
SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.
|
|||||
| CVE-2023-1194 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2025-03-20 | N/A | 7.1 HIGH |
|
An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of `NameOffset` in the `parse_lease_state()` function, the `create_context` object can access invalid memory.
|
|||||
| CVE-2023-6040 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-03-20 | N/A | 7.8 HIGH |
|
An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.
|
|||||
| CVE-2023-21014 | 1 Google | 1 Android | 2025-03-19 | N/A | 4.4 MEDIUM |
|
In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029326
|
|||||
| CVE-2024-2884 | 1 Google | 1 Chrome | 2025-03-19 | N/A | 6.5 MEDIUM |
|
Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2021-47044 | 1 Linux | 1 Linux Kernel | 2025-03-19 | N/A | 7.7 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
sched/fair: Fix shift-out-of-bounds in load_balance()
Syzbot reported a handful of occurrences where an sd->nr_balance_failed can
grow to much higher values than one would expect.
A successful load_balance() resets it to 0; a failed one increments
it. Once it gets to sd->cache_nice_tries + 3, this *should* trigger an
active balance, which will either set it to sd->cache_nice_tries+1 or reset
it to 0. However, in case the to-b ...
Show More |
|||||
| CVE-2024-44910 | 1 Nasa | 1 Cryptolib | 2025-03-19 | N/A | 7.5 HIGH |
|
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).
|
|||||
| CVE-2023-32190 | 2025-03-19 | N/A | 7.8 HIGH | ||
|
mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges.
|
|||||
| CVE-2024-44911 | 1 Nasa | 1 Cryptolib | 2025-03-18 | N/A | 7.5 HIGH |
|
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_tc.c).
|
|||||
| CVE-2024-27368 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-03-18 | N/A | 4.4 MEDIUM |
|
An issue was discovered in Samsung Mobile Processor Exynos Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_received_frame_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.
|
|||||