Total
412 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-24068 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-08 | N/A | 5.5 MEDIUM |
|
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
|
|||||
| CVE-2023-28267 | 1 Microsoft | 14 Remote Desktop Client, Windows 10 1507, Windows 10 1607 and 11 more | 2025-07-07 | N/A | 6.5 MEDIUM |
|
Remote Desktop Protocol Client Information Disclosure Vulnerability
|
|||||
| CVE-2025-24992 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 21h2 and 11 more | 2025-07-03 | N/A | 5.5 MEDIUM |
|
Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.
|
|||||
| CVE-2025-47295 | 1 Fortinet | 1 Fortios | 2025-06-04 | N/A | 3.7 LOW |
|
A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the FGFM daemon via a specially crafted request, under rare conditions that are outside of the attacker's control.
|
|||||
| CVE-2023-51773 | 1 Bacnetstack | 1 Bacnet Stack | 2025-05-23 | N/A | 9.1 CRITICAL |
|
BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacapp_decode_application_data in bacapp.c.
|
|||||
| CVE-2025-32704 | 1 Microsoft | 4 365 Apps, Excel, Office and 1 more | 2025-05-19 | N/A | 8.4 HIGH |
|
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
|
|||||
| CVE-2025-29956 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-19 | N/A | 5.4 MEDIUM |
|
Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.
|
|||||
| CVE-2022-38673 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-15 | N/A | 5.5 MEDIUM |
|
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
|
|||||
| CVE-2025-4207 | 2025-05-12 | N/A | 5.9 MEDIUM | ||
|
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.
|
|||||
| CVE-2024-45568 | 1 Qualcomm | 26 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 23 more | 2025-05-09 | N/A | 6.7 MEDIUM |
|
Memory corruption due to improper bounds check while command handling in camera-kernel driver.
|
|||||
| CVE-2024-49846 | 1 Qualcomm | 62 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 59 more | 2025-05-09 | N/A | 8.2 HIGH |
|
Memory corruption while decoding of OTA messages from T3448 IE.
|
|||||
| CVE-2024-49847 | 1 Qualcomm | 94 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 91 more | 2025-05-09 | N/A | 7.5 HIGH |
|
Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.
|
|||||
| CVE-2024-11596 | 1 Wireshark | 1 Wireshark | 2025-05-07 | N/A | 7.8 HIGH |
|
ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file
|
|||||
| CVE-2025-21176 | 3 Apple, Linux, Microsoft | 20 Macos, Linux Kernel, .net and 17 more | 2025-05-06 | N/A | 8.8 HIGH |
|
.NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
|
|||||
| CVE-2022-39132 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
|
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
|
|||||
| CVE-2022-39130 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
|
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
|
|||||
| CVE-2022-42774 | 2 Google, Unisoc | 14 Android, S8002, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-42768 | 2 Google, Unisoc | 14 Android, S8013, Sc7731e and 11 more | 2025-04-23 | N/A | 4.3 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-42781 | 2 Google, Unisoc | 14 Android, S8006, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-42780 | 2 Google, Unisoc | 14 Android, S8005, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-42779 | 2 Google, Unisoc | 14 Android, S8003, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-42762 | 2 Google, Unisoc | 14 Android, S8007, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-42759 | 2 Google, Unisoc | 14 Android, S8017, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-42758 | 2 Google, Unisoc | 14 Android, S8016, Sc7731e and 11 more | 2025-04-23 | N/A | 3.3 LOW |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-42757 | 2 Google, Unisoc | 14 Android, S8015, Sc7731e and 11 more | 2025-04-23 | N/A | 3.3 LOW |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2017-7668 | 6 Apache, Apple, Debian and 3 more | 13 Http Server, Mac Os X, Debian Linux and 10 more | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.
|
|||||
| CVE-2017-7679 | 1 Apache | 1 Http Server | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
|
|||||
| CVE-2022-44446 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-44443 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-44445 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
|
|||||
| CVE-2023-38144 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-04-08 | N/A | 7.8 HIGH |
|
Windows Common Log File System Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-0396 | 1 Zephyrproject | 1 Zephyr | 2025-04-03 | N/A | 6.8 MEDIUM |
|
A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses.
|
|||||
| CVE-2023-6936 | 1 Wolfssl | 1 Wolfssl | 2025-03-26 | N/A | 5.3 MEDIUM |
|
In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes (WOLFSSL_CALLBACKS is only intended for debugging).
|
|||||
| CVE-2024-57970 | 2025-02-18 | N/A | 4.0 MEDIUM | ||
|
libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.
|
|||||
| CVE-2024-12011 | 2025-02-13 | N/A | 7.6 HIGH | ||
|
A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote unauthenticated attacker can exploit this vulnerability in order to leak valid authentication tokens from the process memory associated to users currently logged to the system and bypass the authentication mechanism.
|
|||||
| CVE-2024-49838 | 1 Qualcomm | 338 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 335 more | 2025-02-05 | N/A | 8.2 HIGH |
|
Information disclosure while parsing the OCI IE with invalid length.
|
|||||
| CVE-2024-38404 | 1 Qualcomm | 80 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 77 more | 2025-02-05 | N/A | 7.5 HIGH |
|
Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.
|
|||||
| CVE-2024-38414 | 1 Qualcomm | 58 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 55 more | 2025-02-05 | N/A | 6.1 MEDIUM |
|
Information disclosure while processing information on firmware image during core initialization.
|
|||||
| CVE-2024-38416 | 1 Qualcomm | 144 Ar8035, Ar8035 Firmware, C-v2x 9150 and 141 more | 2025-02-05 | N/A | 6.1 MEDIUM |
|
Information disclosure during audio playback.
|
|||||
| CVE-2024-38417 | 1 Qualcomm | 112 Ar8035, Ar8035 Firmware, C-v2x 9150 and 109 more | 2025-02-05 | N/A | 6.1 MEDIUM |
|
Information disclosure while processing IO control commands.
|
|||||