Vulnerabilities (CVE)

Filtered by CWE-125
Total 7228 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-28555 1 Qualcomm 142 Ar8035, Ar8035 Firmware, Mdm9628 and 139 more 2024-11-21 N/A 7.5 HIGH
Transient DOS in Audio while remapping channel buffer in media codec decoding.
CVE-2023-28543 1 Qualcomm 8 Qcs405, Qcs405 Firmware, Qcs605 and 5 more 2024-11-21 N/A 8.1 HIGH
A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote source).
CVE-2023-28542 1 Qualcomm 376 315 5g Iot, 315 5g Iot Firmware, Apq8064au and 373 more 2024-11-21 N/A 7.8 HIGH
Memory Corruption in WLAN HOST while fetching TX status information.
CVE-2023-28541 1 Qualcomm 398 Aqt1000, Aqt1000 Firmware, Ar8031 and 395 more 2024-11-21 N/A 7.8 HIGH
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
CVE-2023-28448 1 Versionize Project 1 Versionize 2024-11-21 N/A 5.7 MEDIUM
Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the ‘Versionize::deserialize’ implementation provided by the ‘versionize’ crate for ‘vmm_sys_utils::fam::FamStructWrapper', which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.
CVE-2023-28445 1 Deno 3 Deno, Deno Runtime, Serde V8 2024-11-21 N/A 9.9 CRITICAL
Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the only version affected is Deno 1.32.0. Deno Deploy users are not affected. The problem has been resolved by disabling resizable ArrayBuffers temporarily in Deno 1.32.1. Deno 1.32.2 will re-enable resizable ArrayBuffers with a proper fix. As a workaround, run with `--v8-flags=--no-harmony-rab-gsab` to disable resizable ArrayBuffers.
CVE-2023-28404 2 Intel, Microsoft 3 Arc A Graphics, Iris Xe Graphics, Windows 2024-11-21 N/A 3.8 LOW
Out-of-bounds read in the Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2023-28376 1 Intel 14 Ethernet Network Adapter E810-2cqda2, Ethernet Network Adapter E810-2cqda2 Firmware, Ethernet Network Adapter E810-cqda1 and 11 more 2024-11-21 N/A 6.5 MEDIUM
Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-28199 1 Apple 1 Macos 2024-11-21 N/A 5.5 MEDIUM
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. An app may be able to disclose kernel memory.
CVE-2023-27950 1 Apple 1 Macos 2024-11-21 N/A 5.5 MEDIUM
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory.
CVE-2023-27948 1 Apple 1 Macos 2024-11-21 N/A 5.5 MEDIUM
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory.
CVE-2023-27947 1 Apple 1 Macos 2024-11-21 N/A 5.5 MEDIUM
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory.
CVE-2023-27939 1 Apple 1 Macos 2024-11-21 N/A 5.5 MEDIUM
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory.
CVE-2023-27916 1 Hornerautomation 2 Cscape, Cscape Envisionrv 2024-11-21 N/A 7.8 HIGH
The affected application lacks proper validation of user-supplied data when parsing font files (e.g., FNT). This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to potentially execute arbitrary code in the context of the current process.
CVE-2023-27857 1 Rockwellautomation 1 Thinmanager 2024-11-21 N/A 7.5 HIGH
In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer.  An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation.
CVE-2023-27405 1 Siemens 1 Tecnomatix Plant Simulation 2024-11-21 N/A 7.8 HIGH
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20432)
CVE-2023-27402 1 Siemens 1 Tecnomatix Plant Simulation 2024-11-21 N/A 7.8 HIGH
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20334)
CVE-2023-27401 1 Siemens 1 Tecnomatix Plant Simulation 2024-11-21 N/A 7.8 HIGH
A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20308, ZDI-CAN-20345)
CVE-2023-27371 1 Gnu 1 Libmicrohttpd 2024-11-21 N/A 5.9 MEDIUM
GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.
CVE-2023-27353 1 Sonos 4 One, One Firmware, S1 and 1 more 2024-11-21 N/A 6.5 MEDIUM
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-19846.