Total
7547 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-40739 | 1 Siemens | 1 Solid Edge | 2025-08-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2025-5318 | 2 Libssh, Redhat | 3 Libssh, Enterprise Linux, Openshift Container Platform | 2025-08-21 | N/A | 5.4 MEDIUM |
| A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior. | |||||
| CVE-2025-5046 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2025-08-20 | N/A | 7.8 HIGH |
| A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-46891 | 1 Siemens | 1 Sinec Ins | 2025-08-20 | N/A | 5.3 MEDIUM |
| A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition. | |||||
| CVE-2025-54623 | 1 Huawei | 1 Harmonyos | 2025-08-20 | N/A | 6.3 MEDIUM |
| Out-of-bounds read vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-32055 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-32060 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21565) | |||||
| CVE-2024-32059 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21564) | |||||
| CVE-2024-32061 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21566) | |||||
| CVE-2024-32064 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21575) | |||||
| CVE-2024-32065 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21577) | |||||
| CVE-2024-32066 | 1 Siemens | 2 Ps\/iges Parasolid Translator, Simcenter Femap | 2025-08-20 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21578) | |||||
| CVE-2025-40764 | 1 Siemens | 1 Simcenter Femap | 2025-08-20 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-4458 | 1 Linux | 1 Linux Kernel | 2025-08-19 | N/A | 4.0 MEDIUM |
| A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE. | |||||
| CVE-2025-9136 | 2025-08-19 | 4.3 MEDIUM | 5.3 MEDIUM | ||
| A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2025-6635 | 1 Autodesk | 16 3ds Max, Advance Steel, Autocad and 13 more | 2025-08-19 | N/A | 7.8 HIGH |
| A maliciously crafted PRT file, when linked or imported into certain Autodesk products, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-6632 | 1 Autodesk | 1 3ds Max | 2025-08-19 | N/A | 5.3 MEDIUM |
| A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-5042 | 1 Autodesk | 1 Revit | 2025-08-19 | N/A | 7.8 HIGH |
| A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1659 | 1 Autodesk | 1 Navisworks | 2025-08-19 | N/A | 7.8 HIGH |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-1658 | 1 Autodesk | 1 Navisworks | 2025-08-19 | N/A | 7.8 HIGH |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||