Total
7759 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38404 | 1 Qualcomm | 80 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 77 more | 2025-02-05 | N/A | 7.5 HIGH |
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem. | |||||
| CVE-2024-38414 | 1 Qualcomm | 58 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 55 more | 2025-02-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing information on firmware image during core initialization. | |||||
| CVE-2024-38416 | 1 Qualcomm | 144 Ar8035, Ar8035 Firmware, C-v2x 9150 and 141 more | 2025-02-05 | N/A | 6.1 MEDIUM |
| Information disclosure during audio playback. | |||||
| CVE-2024-38417 | 1 Qualcomm | 112 Ar8035, Ar8035 Firmware, C-v2x 9150 and 109 more | 2025-02-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing IO control commands. | |||||
| CVE-2023-1255 | 1 Openssl | 1 Openssl | 2025-02-04 | N/A | 5.9 MEDIUM |
| Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash in rare circumstances. The AES-XTS algorithm is usually used for disk encryption. The AES-XTS cipher decryption implementation for 64 bit ARM platform will read past the end of the ciphertext buffer if the ciphertext size is 4 mod 5 in 16 byte blocks, e.g. 144 bytes or 1024 bytes. If the memory after the ciphertext buffer is unmapped, this will trigger a crash which results in a denial of service. If an attacker can control the size and location of the ciphertext buffer being decrypted by an application using AES-XTS on 64 bit ARM, the application is affected. This is fairly unlikely making this issue a Low severity one. | |||||
| CVE-2023-20870 | 1 Vmware | 2 Fusion, Workstation | 2025-02-04 | N/A | 6.0 MEDIUM |
| VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. | |||||
| CVE-2024-32041 | 2 Fedoraproject, Freerdp | 2 Fedora, Freerdp | 2025-02-04 | N/A | 9.8 CRITICAL |
| FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/bpp` or `/rfx` options instead. | |||||
| CVE-2024-32662 | 2 Fedoraproject, Freerdp | 2 Fedora, Freerdp | 2025-02-04 | N/A | 7.5 HIGH |
| FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. This occurs when `WCHAR` string is read with twice the size it has and converted to `UTF-8`, `base64` decoded. The string is only used to compare against the redirection server certificate. Version 3.5.1 contains a patch for the issue. No known workarounds are available. | |||||
| CVE-2023-25514 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-02-04 | N/A | 5.3 MEDIUM |
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds read by tricking a user into running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure. | |||||
| CVE-2025-20640 | 2 Google, Mediatek | 44 Android, Mt6739, Mt6761 and 41 more | 2025-02-04 | N/A | 4.3 MEDIUM |
| In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291146; Issue ID: MSV-2059. | |||||
| CVE-2025-20643 | 2 Google, Mediatek | 44 Android, Mt6739, Mt6761 and 41 more | 2025-02-04 | N/A | 3.9 LOW |
| In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS09291146; Issue ID: MSV-2056. | |||||
| CVE-2025-0437 | 1 Google | 1 Chrome | 2025-02-03 | N/A | 8.8 HIGH |
| Out of bounds read in Metrics in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-46670 | 1 Fortinet | 1 Fortios | 2025-01-31 | N/A | 7.5 HIGH |
| AnĀ Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests. | |||||
| CVE-2024-0154 | 1 Dell | 248 Dss 8440, Dss 8440 Firmware, Emc Xc Core 6420 System and 245 more | 2025-01-31 | N/A | 3.8 LOW |
| Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory. | |||||
| CVE-2024-0173 | 1 Dell | 248 Dss 8440, Dss 8440 Firmware, Emc Xc Core 6420 System and 245 more | 2025-01-31 | N/A | 3.8 LOW |
| Dell PowerEdge Server BIOS and Dell Precision Rack BIOS contain an improper parameter initialization vulnerability. A local low privileged attacker could potentially exploit this vulnerability to read the contents of non-SMM stack memory. | |||||
| CVE-2023-21118 | 1 Google | 1 Android | 2025-01-31 | N/A | 5.5 MEDIUM |
| In unflattenString8 of Sensor.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-269014004 | |||||
| CVE-2023-27892 | 1 Shapeshift | 2 Keepkey, Keepkey Firmware | 2025-01-30 | N/A | 3.8 LOW |
| Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With physical access to a PIN-unlocked device, attackers can extract the BIP39 mnemonic secret from the hardware wallet. | |||||
| CVE-2022-40302 | 2 Debian, Frrouting | 2 Debian Linux, Frrouting | 2025-01-30 | N/A | 6.5 MEDIUM |
| An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. | |||||
| CVE-2023-29942 | 1 Llvm | 1 Llvm | 2025-01-29 | N/A | 5.5 MEDIUM |
| llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType. | |||||
| CVE-2023-29941 | 1 Llvm | 1 Llvm | 2025-01-29 | N/A | 5.5 MEDIUM |
| llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp. | |||||