Total
7759 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0006 | 1 Qualcomm | 1 Qpopper | 2025-04-03 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command. | |||||
| CVE-1999-0029 | 1 Sgi | 1 Irix | 2025-04-03 | 7.2 HIGH | 8.4 HIGH |
| root privileges via buffer overflow in ordist command on SGI IRIX systems. | |||||
| CVE-2004-0183 | 1 Tcpdump | 1 Tcpdump | 2025-04-03 | 5.0 MEDIUM | N/A |
| TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. | |||||
| CVE-2004-0421 | 4 Libpng, Openpkg, Redhat and 1 more | 6 Libpng, Openpkg, Enterprise Linux and 3 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message. | |||||
| CVE-1999-0022 | 6 Bsdi, Freebsd, Hp and 3 more | 7 Bsd Os, Freebsd, Hp-ux and 4 more | 2025-04-03 | 7.2 HIGH | 7.8 HIGH |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. | |||||
| CVE-2021-47478 | 1 Linux | 1 Linux Kernel | 2025-04-02 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: isofs: Fix out of bound access for corrupted isofs image When isofs image is suitably corrupted isofs_read_inode() can read data beyond the end of buffer. Sanity-check the directory entry length before using it. | |||||
| CVE-2021-47308 | 1 Linux | 1 Linux Kernel | 2025-04-02 | N/A | 6.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: scsi: libfc: Fix array index out of bound exception Fix array index out of bound exception in fc_rport_prli_resp(). | |||||
| CVE-2025-27788 | 1 Ruby-lang | 1 Javascript Object Notation | 2025-04-02 | N/A | 7.5 HIGH |
| JSON is a JSON implementation for Ruby. Starting in version 2.10.0 and prior to version 2.10.2, a specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions prior to 2.10.0 are not vulnerable. Version 2.10.2 fixes the problem. No known workarounds are available. | |||||
| CVE-2025-1914 | 1 Google | 1 Chrome | 2025-04-01 | N/A | 8.8 HIGH |
| Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-1918 | 1 Google | 1 Chrome | 2025-04-01 | N/A | 8.8 HIGH |
| Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium) | |||||
| CVE-2025-1919 | 1 Google | 1 Chrome | 2025-04-01 | N/A | 8.8 HIGH |
| Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2024-36960 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-04-01 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drm_event to the size of the structure that's actually used. The length of the drm_event was set to the parent structure instead of to the drm_vmw_event_fence which is supposed to be read. drm_read uses the length parameter to copy the event to the user space thus resuling in oob reads. | |||||
| CVE-2021-47586 | 1 Linux | 1 Linux Kernel | 2025-04-01 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: net: stmmac: dwmac-rk: fix oob read in rk_gmac_setup KASAN reports an out-of-bounds read in rk_gmac_setup on the line: while (ops->regs[i]) { This happens for most platforms since the regs flexible array member is empty, so the memory after the ops structure is being read here. It seems that mostly this happens to contain zero anyway, so we get lucky and everything still works. To avoid adding redundant data to nearly all the ops structures, add a new flag to indicate whether the regs field is valid and avoid this loop when it is not. | |||||
| CVE-2024-29943 | 1 Mozilla | 1 Firefox | 2025-04-01 | N/A | 9.8 CRITICAL |
| An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox < 124.0.1. | |||||
| CVE-2024-3859 | 2 Debian, Mozilla | 3 Debian Linux, Firefox, Thunderbird | 2025-04-01 | N/A | 5.9 MEDIUM |
| On 32-bit versions there were integer-overflows that led to an out-of-bounds-read that potentially could be triggered by a malformed OpenType font. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. | |||||
| CVE-2024-3854 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-01 | N/A | 8.8 HIGH |
| In some code patterns the JIT incorrectly optimized switch statements and generated code with out-of-bounds-reads. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10. | |||||
| CVE-2024-26334 | 1 Swftools | 1 Swftools | 2025-04-01 | N/A | 6.2 MEDIUM |
| swftools v0.9.2 was discovered to contain a segmentation violation via the function compileSWFActionCode at swftools/lib/action/actioncompiler.c. | |||||
| CVE-2024-24452 | 2025-03-31 | N/A | 5.9 MEDIUM | ||
| An invalid memory access when handling the ProtocolIE_ID field of E-RAB Release Indication messages in Athonet vEPC MME v11.4.0 allows attackers to cause a Denial of Service (DoS) to the cellular network by repeatedly initiating connections and sending a crafted payload. | |||||
| CVE-2024-3855 | 1 Mozilla | 1 Firefox | 2025-03-31 | N/A | 6.5 MEDIUM |
| In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125. | |||||
| CVE-2024-43565 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-03-28 | N/A | 7.5 HIGH |
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | |||||