Total
8560 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-35087 | 1 Swftools | 1 Swftools | 2025-05-28 | 5.5 Medium |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c. | ||||
| CVE-2022-2881 | 1 Isc | 1 Bind | 2025-05-28 | 5.5 Medium |
| The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process. | ||||
| CVE-2020-36602 | 1 Huawei | 16 576up005 Hota-cm-h-shark-bd, 576up005 Hota-cm-h-shark-bd Firmware, 577hota-cm-h-shark-bd and 13 more | 2025-05-28 | 6.1 Medium |
| There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause out-of-bounds read and write. | ||||
| CVE-2025-3160 | 1 Assimp | 1 Assimp | 2025-05-28 | 3.3 Low |
| A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the component File Handler. The manipulation leads to out-of-bounds read. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as a0993658f40d8e13ff5823990c30b43c82a5daf0. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2023-32206 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2025-05-27 | 6.5 Medium |
| An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. | ||||
| CVE-2023-52070 | 1 Jfree | 1 Jfreechart | 2025-05-27 | 8.4 High |
| JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the 'setSeriesNeedle(int index, int type)' method. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification. | ||||
| CVE-2024-22949 | 1 Jfree | 1 Jfreechart | 2025-05-27 | 9.1 Critical |
| JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification. | ||||
| CVE-2024-34049 | 1 Onosproject | 1 Traffic Steering Xapplication | 2025-05-27 | 7.5 High |
| Open Networking Foundation SD-RAN Rimedo rimedo-ts 0.1.1 has a slice bounds out-of-range panic in "return plmnIdString[0:3], plmnIdString[3:]" in reader.go. | ||||
| CVE-2024-36477 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-05-23 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for computing the maximum transfer length and the size of the transfer buffer. As such, it does not account for the 4 bytes of header that prepends the SPI data frame. This can result in out-of-bounds accesses and was confirmed with KASAN. Introduce SPI_HDRSIZE to account for the header and use to allocate the transfer buffer. | ||||
| CVE-2022-3256 | 3 Debian, Fedoraproject, Vim | 3 Debian Linux, Fedora, Vim | 2025-05-23 | 7.8 High |
| Use After Free in GitHub repository vim/vim prior to 9.0.0530. | ||||
| CVE-2022-32852 | 1 Apple | 1 Macos | 2025-05-22 | 7.1 High |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. | ||||
| CVE-2022-32817 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-22 | 5.5 Medium |
| An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to disclose kernel memory. | ||||
| CVE-2021-39984 | 1 Huawei | 1 Harmonyos | 2025-05-22 | 7.5 High |
| Huawei idap module has a Out-of-bounds Read vulnerability.Successful exploitation of this vulnerability may cause Denial of Service. | ||||
| CVE-2023-35635 | 1 Microsoft | 2 Windows 11 22h2, Windows 11 23h2 | 2025-05-22 | 5.5 Medium |
| Windows Kernel Denial of Service Vulnerability | ||||
| CVE-2023-47081 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2025-05-22 | 5.5 Medium |
| Adobe Substance 3D Stager versions 2.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-47074 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-05-22 | 7.8 High |
| Adobe Illustrator versions 28.0 (and earlier) and 27.9 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2020-36521 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2025-05-22 | 7.1 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents. | ||||
| CVE-2022-32853 | 1 Apple | 2 Mac Os X, Macos | 2025-05-22 | 7.1 High |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. | ||||
| CVE-2022-32851 | 1 Apple | 2 Mac Os X, Macos | 2025-05-22 | 7.1 High |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory. | ||||
| CVE-2022-32842 | 1 Apple | 2 Mac Os X, Macos | 2025-05-22 | 7.8 High |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. An app may be able to gain elevated privileges. | ||||