Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-44331 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Adobe Photoshop versions 24.7.1 (and earlier) and 25.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2023-44326 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Adobe Dimension versions 3.4.9 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2023-44325 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Adobe Animate versions 23.0.2 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2023-44114 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 7.5 HIGH |
|
Out-of-bounds array vulnerability in the dataipa module.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2023-44112 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 7.5 HIGH |
|
Out-of-bounds access vulnerability in the device authentication module. Successful exploitation of this vulnerability may affect confidentiality.
|
|||||
| CVE-2023-44103 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 7.5 HIGH |
|
Out-of-bounds read vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.
|
|||||
| CVE-2023-44087 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.
|
|||||
| CVE-2023-44086 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.
|
|||||
| CVE-2023-44085 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.
|
|||||
| CVE-2023-44084 | 1 Siemens | 1 Tecnomatix | 2024-11-21 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.
|
|||||
| CVE-2023-43756 | 1 Openatom | 1 Openharmony | 2024-11-21 | N/A | 2.9 LOW |
|
in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read.
|
|||||
| CVE-2023-43574 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A buffer over-read was reported in the LEMALLDriversConnectedEventHook module in some Lenovo Desktop products that may allow a local attacker with elevated privileges
to disclose sensitive information.
|
|||||
| CVE-2023-43572 | 1 Lenovo | 222 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 219 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
A buffer over-read was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to disclose sensitive information.
|
|||||
| CVE-2023-43512 | 1 Qualcomm | 2 Qcn7606, Qcn7606 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services buffer.
|
|||||
| CVE-2023-42821 | 1 Gomarkdown | 1 Markdown | 2024-11-21 | N/A | 7.5 HIGH |
|
The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Prior to pseudoversion `0.0.0-20230922105210-14b16010c2ee`, which corresponds with commit `14b16010c2ee7ff33a940a541d993bd043a88940`, parsing malformed markdown input with parser that uses parser.Mmark extension could result in out-of-bounds read vulnerability. To exploit the vulnerability, parser needs to have `parser.Mmark` extension set. The panic occurs inside the `citation.go` file ...
Show More |
|||||
| CVE-2023-42755 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | N/A | 6.5 MEDIUM |
|
A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service.
|
|||||
| CVE-2023-42731 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
|
|||||
| CVE-2023-42728 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In phasecheckserver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2023-42725 | 2 Google, Unisoc | 12 Android, S8000, Sc9863a and 9 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
|
|||||
| CVE-2023-42724 | 2 Google, Unisoc | 12 Android, S8000, Sc9863a and 9 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
|
|||||
| CVE-2023-42723 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In camera service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2023-42720 | 2 Google, Unisoc | 5 Android, S8000, T760 and 2 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In video service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2023-42719 | 2 Google, Unisoc | 4 Android, T606, T612 and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
In video service, there is a possible out of bounds read due to a incorrect bounds check. This could lead to local denial of service with no additional execution privileges needed
|
|||||
| CVE-2023-42684 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
|
|||||
| CVE-2023-42683 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
|
|||||
| CVE-2023-42680 | 2 Google, Unisoc | 12 Android, S8000, Sc9863a and 9 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
|
|||||
| CVE-2023-42538 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
|
An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
|
|||||
| CVE-2023-42537 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 8.4 HIGH |
|
An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
|
|||||
| CVE-2023-42536 | 1 Samsung | 1 Android | 2024-11-21 | N/A | 8.4 HIGH |
|
An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
|
|||||
| CVE-2023-42138 | 1 Keyence | 2 Kv Replay Viewer, Kv Studio | 2024-11-21 | N/A | 7.8 HIGH |
|
Out-of-bounds read vulnerability exists in KV STUDIO Ver. 11.62 and earlier and KV REPLAY VIEWER Ver. 2.62 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user of KV STUDIO PLAYER open a specially crafted file.
|
|||||
| CVE-2023-42095 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2024-11-21 | N/A | 3.3 LOW |
|
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result ...
Show More |
|||||
| CVE-2023-42090 | 1 Foxit | 2 Pdf Editor, Pdf Reader | 2024-11-21 | N/A | 7.1 HIGH |
|
Foxit PDF Reader XFA Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Doc objects. The issue results from the lack of proper validation of user-supplied data, which can result ...
Show More |
|||||
| CVE-2023-41910 | 1 Lldpd Project | 1 Lldpd | 2024-11-21 | N/A | 9.8 CRITICAL |
|
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.
|
|||||
| CVE-2023-41360 | 3 Debian, Fedoraproject, Frrouting | 3 Debian Linux, Fedora, Frrouting | 2024-11-21 | N/A | 9.1 CRITICAL |
|
An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation.
|
|||||
| CVE-2023-41359 | 2 Fedoraproject, Frrouting | 2 Fedora, Frrouting | 2024-11-21 | N/A | 9.1 CRITICAL |
|
An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation.
|
|||||
| CVE-2023-41252 | 1 Intel | 1 Quickassist Technology Driver | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Out-of-bounds read in some Intel(R) QAT software drivers for Windows before version QAT1.7-W-1.11.0 may allow an authenticated user to potentially enable denial of service via local access.
|
|||||
| CVE-2023-40576 | 1 Freerdp | 1 Freerdp | 2024-11-21 | N/A | 5.3 MEDIUM |
|
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `RleDecompress` function. This Out-Of-Bounds Read occurs because FreeRDP processes the `pbSrcBuffer` variable without checking if it contains data of sufficient length. Insufficient data in the `pbSrcBuffer` variable may cause errors or crashes. This issue has been addressed in version 3.0.0-beta3. Users are advised to upgrade. Th ...
Show More |
|||||
| CVE-2023-40575 | 1 Freerdp | 1 Freerdp | 2024-11-21 | N/A | 5.3 MEDIUM |
|
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `general_YUV444ToRGB_8u_P3AC4R_BGRX` function. This issue is likely down to insufficient data for the `pSrc` variable and results in crashes. This issue has been addressed in version 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this issue.
|
|||||
| CVE-2023-40551 | 2 Fedoraproject, Redhat | 3 Fedora, Enterprise Linux, Shim | 2024-11-21 | N/A | 5.1 MEDIUM |
|
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
|
|||||
| CVE-2023-40550 | 2 Fedoraproject, Redhat | 3 Fedora, Enterprise Linux, Shim | 2024-11-21 | N/A | 5.5 MEDIUM |
|
An out-of-bounds read flaw was found in Shim when it tried to validate the SBAT information. This issue may expose sensitive data during the system's boot phase.
|
|||||