Total
6166 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-51439 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-01-11 | N/A | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2021-3600 | 4 Canonical, Fedoraproject, Linux and 1 more | 4 Ubuntu Linux, Fedora, Linux Kernel and 1 more | 2024-01-11 | N/A | 7.8 HIGH |
| It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code. | |||||
| CVE-2024-0322 | 1 Gpac | 1 Gpac | 2024-01-11 | N/A | 9.1 CRITICAL |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-49124 | 1 Siemens | 1 Solid Edge Se2023 | 2024-01-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-49126 | 1 Siemens | 1 Solid Edge Se2023 | 2024-01-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-49127 | 1 Siemens | 1 Solid Edge Se2023 | 2024-01-10 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2016-10165 | 6 Canonical, Debian, Littlecms and 3 more | 19 Ubuntu Linux, Debian Linux, Little Cms Color Engine and 16 more | 2024-01-10 | 5.8 MEDIUM | 7.1 HIGH |
| The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. | |||||
| CVE-2023-52267 | 1 Hongliuliao | 1 Ehttp | 2024-01-09 | N/A | 7.5 HIGH |
| ehttp 1.0.6 before 17405b9 has a simple_log.cpp _log out-of-bounds-read during error logging for long strings. | |||||
| CVE-2024-0207 | 1 Wireshark | 1 Wireshark | 2024-01-09 | N/A | 7.5 HIGH |
| HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file | |||||
| CVE-2023-4280 | 1 Silabs | 1 Gecko Software Development Kit | 2024-01-09 | N/A | 9.8 CRITICAL |
| An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region. | |||||
| CVE-2023-49552 | 1 Cesanta | 1 Mjs | 2024-01-09 | N/A | 7.5 HIGH |
| An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file. | |||||
| CVE-2023-46603 | 1 Color | 1 Demoiccmax | 2024-01-09 | N/A | 8.8 HIGH |
| In International Color Consortium DemoIccMAX 79ecb74, there is an out-of-bounds read in the CIccPRMG::GetChroma function in IccProfLib/IccPrmg.cpp in libSampleICC.a. | |||||
| CVE-2023-27857 | 1 Rockwellautomation | 1 Thinmanager | 2024-01-09 | N/A | 7.5 HIGH |
| In affected versions, a heap-based buffer over-read condition occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation. | |||||
| CVE-2023-26157 | 1 Gnu | 1 Libredwg | 2024-01-08 | N/A | 7.5 HIGH |
| Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. | |||||
| CVE-2023-51713 | 1 Proftpd | 1 Proftpd | 2024-01-08 | N/A | 7.5 HIGH |
| make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics. | |||||
| CVE-2023-32206 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-01-07 | N/A | 6.5 MEDIUM |
| An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. | |||||
| CVE-2023-51432 | 1 Hihonor | 1 Magic Ui | 2024-01-05 | N/A | 5.5 MEDIUM |
| Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak. | |||||
| CVE-2023-52152 | 1 Cybergarage | 1 Mupnp For C | 2024-01-05 | N/A | 7.5 HIGH |
| mupnp/net/uri.c in mUPnP for C through 3.0.2 has an out-of-bounds read and application crash because it lacks a certain host length recalculation. | |||||
| CVE-2023-38678 | 1 Paddlepaddle | 1 Paddlepaddle | 2024-01-05 | N/A | 7.5 HIGH |
| OOB access in paddle.mode in PaddlePaddle before 2.6.0. This flaw can cause a runtime crash and a denial of service. | |||||
| CVE-2023-32880 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2024-01-05 | N/A | 4.4 MEDIUM |
| In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076. | |||||