Total
7228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46317 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-16 | N/A | 7.5 HIGH |
| The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability. | |||||
| CVE-2024-25392 | 1 Rt-thread | 1 Rt-thread | 2025-04-16 | N/A | 5.9 MEDIUM |
| An out-of-bounds access occurs in utilities/var_export/var_export.c in RT-Thread through 5.0.2. | |||||
| CVE-2024-34246 | 1 Wasm3 Project | 1 Wasm3 | 2025-04-16 | N/A | 7.5 HIGH |
| wasm3 v0.5.0 was discovered to contain an out-of-bound memory read which leads to segmentation fault via the function "main" in wasm3/platforms/app/main.c. | |||||
| CVE-2022-22742 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-16 | N/A | 6.5 MEDIUM |
| When inserting text while in edit mode, some characters might have lead to out-of-bounds memory access causing a potentially exploitable crash. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. | |||||
| CVE-2022-28285 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-16 | N/A | 6.5 MEDIUM |
| When generating the assembly code for <code>MLoadTypedArrayElementHole</code>, an incorrect AliasSet was used. In conjunction with another vulnerability this could have been used for an out of bounds memory read. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8. | |||||
| CVE-2025-27204 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-04-15 | N/A | 5.5 MEDIUM |
| After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-27202 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-04-15 | N/A | 5.5 MEDIUM |
| Animate versions 24.0.7, 23.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-27201 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-04-15 | N/A | 5.5 MEDIUM |
| Animate versions 24.0.7, 23.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-31747 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-15 | N/A | 9.8 CRITICAL |
| Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | |||||
| CVE-2024-11679 | 2025-04-15 | N/A | 4.4 MEDIUM | ||
| An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory. | |||||
| CVE-2025-31354 | 2025-04-15 | N/A | 4.3 MEDIUM | ||
| Subnet Solutions PowerSYSTEM Center's SMTPS notification service can be affected by importing an EC certificate with crafted F2m parameters, which can lead to excessive CPU consumption during the evaluation of the curve parameters. | |||||
| CVE-2025-29834 | 2025-04-15 | N/A | 7.5 HIGH | ||
| Out-of-bounds read in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-32776 | 2025-04-15 | N/A | 5.5 MEDIUM | ||
| OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the `matrix_custom_frame` file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will be written into the RGB arguments which will be sent to the USB device. This issue has been patched in v3.10.2. | |||||
| CVE-2025-32914 | 2025-04-15 | N/A | 7.4 HIGH | ||
| A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds. | |||||
| CVE-2025-32906 | 2025-04-15 | N/A | 7.5 HIGH | ||
| A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. | |||||
| CVE-2024-33763 | 1 Sammycage | 1 Lunasvg | 2025-04-15 | N/A | 7.5 HIGH |
| lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp. | |||||
| CVE-2024-33767 | 1 Sammycage | 1 Lunasvg | 2025-04-15 | N/A | 5.0 MEDIUM |
| lunasvg v2.3.9 was discovered to contain a segmentation violation via the component composition_solid_source. | |||||
| CVE-2025-21905 | 1 Linux | 1 Linux Kernel | 2025-04-15 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perhaps even read beyond the end of the file buffer. Fix that by limiting the print format to the size of the buffer we have. | |||||
| CVE-2022-3266 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-15 | N/A | 5.5 MEDIUM |
| An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105. | |||||
| CVE-2022-28228 | 1 Ydb | 1 Ydb | 2025-04-15 | N/A | 9.1 CRITICAL |
| Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert statement that would allow him to read sensitive information from other memory locations or cause a crash. | |||||