Total
8575 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34346 | 1 Intel | 1 Media Software Development Kit | 2025-01-27 | 4.8 Medium |
| Out-of-bounds read in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-34864 | 1 Intel | 1 Trace Analyzer And Collector | 2025-01-27 | 4.2 Medium |
| Out-of-bounds read in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-46765 | 1 Amd | 88 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 85 more | 2025-01-27 | 7.5 High |
| Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service. | ||||
| CVE-2022-35729 | 2 Intel, Openbmc-project | 58 C621a, C624a, C627a and 55 more | 2025-01-27 | 7.5 High |
| Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2023-23909 | 1 Intel | 2 Oneapi Hpc Toolkit, Trace Analyzer And Collector | 2025-01-27 | 2.8 Low |
| Out-of-bounds read for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21239 | 1 Intel | 1 Quickassist Technology | 2025-01-27 | 5.6 Medium |
| Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2023-24475 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2025-01-27 | 6 Medium |
| Out of bounds read in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | ||||
| CVE-2023-25008 | 1 Autodesk | 1 3ds Max Usd | 2025-01-24 | 7.8 High |
| A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds read vulnerability which could result in code execution. | ||||
| CVE-2023-20706 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2025-01-24 | 5.5 Medium |
| In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860. | ||||
| CVE-2023-20711 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2025-01-24 | 4.4 Medium |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668. | ||||
| CVE-2023-21112 | 1 Google | 1 Android | 2025-01-24 | 5.5 Medium |
| In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252763983 | ||||
| CVE-2023-20703 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2025-01-24 | 5.5 Medium |
| In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767853; Issue ID: ALPS07767853. | ||||
| CVE-2023-20719 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6739 and 24 more | 2025-01-24 | 4.4 Medium |
| In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583. | ||||
| CVE-2023-2512 | 1 Cloudflare | 1 Workerd | 2025-01-24 | 6.5 Medium |
| Prior to version v1.20230419.0, the FormData API implementation was subject to an integer overflow. If a FormData instance contained more than 2^31 elements, the forEach() method could end up reading from the wrong location in memory while iterating over elements. This would most likely lead to a segmentation fault, but could theoretically allow arbitrary undefined behavior. In order for the bug to be exploitable, the process would need to be able to allocate 160GB of RAM. Due to this, the bug was never exploitable on the Cloudflare Workers platform, but could theoretically be exploitable on deployments of workerd running on machines with a huge amount of memory. Moreover, in order to be remotely exploited, an attacker would have to upload a single form-encoded HTTP request of at least tens of gigabytes in size. The application code would then have to use request.formData() to parse the request and formData.forEach() to iterate over this data. Due to these limitations, the exploitation likelihood was considered Low. A fix that addresses this vulnerability has been released in version v1.20230419.0 and users are encouraged to update to the latest version available. | ||||
| CVE-2023-20698 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6731 and 51 more | 2025-01-23 | 4.4 Medium |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144. | ||||
| CVE-2023-20697 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6731 and 51 more | 2025-01-23 | 4.4 Medium |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148. | ||||
| CVE-2024-26003 | 1 Phoenixcontact | 8 Charx Sec-3000, Charx Sec-3000 Firmware, Charx Sec-3050 and 5 more | 2025-01-23 | 7.5 High |
| An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality. | ||||
| CVE-2023-24931 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 7.5 High |
| Windows Secure Channel Denial of Service Vulnerability | ||||
| CVE-2023-21729 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 9 more | 2025-01-23 | 4.3 Medium |
| Remote Procedure Call Runtime Information Disclosure Vulnerability | ||||
| CVE-2023-2838 | 1 Gpac | 1 Gpac | 2025-01-21 | 9.1 Critical |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | ||||