Total
7204 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49127 | 1 Siemens | 1 Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-49126 | 1 Siemens | 1 Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-49125 | 1 Siemens | 3 Parasolid, Solid Edge Se2023, Solid Edge Se2024 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.263), Parasolid V35.1 (All versions < V35.1.252), Parasolid V36.0 (All versions < V36.0.198), Solid Edge SE2023 (All versions < V223.0 Update 11), Solid Edge SE2024 (All versions < V224.0 Update 3). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted files containing XT format. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-49124 | 1 Siemens | 1 Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2023-49118 | 1 Openatom | 1 Openharmony | 2024-11-21 | N/A | 2.9 LOW |
| in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read. | |||||
| CVE-2023-49100 | 2024-11-21 | N/A | 4.4 MEDIUM | ||
| Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a call to plat_ic_get_interrupt_type. It can be any arbitrary value passing checks in the function plat_ic_is_sgi. A compromised Normal World (Linux kernel) can enable a root-privileged attacker to issue arbitrary SMC calls. Using this primitive, he can control the content of registers x0 through x6, which are used to send parameters to TF-A. Out-of-bounds addresses can be read in the context of TF-A (EL3). Because the read value is never returned to non-secure memory or in registers, no leak is possible. An attacker can still crash TF-A, however. | |||||
| CVE-2023-48736 | 1 Color | 1 Demoiccmax | 2024-11-21 | N/A | 6.5 MEDIUM |
| In International Color Consortium DemoIccMAX 3e7948b, CIccCLUT::Interp2d in IccTagLut.cpp in libSampleICC.a has an out-of-bounds read. | |||||
| CVE-2023-48638 | 1 Adobe | 1 Substance 3d Designer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-48637 | 1 Adobe | 1 Substance 3d Designer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-48636 | 1 Adobe | 1 Substance 3d Designer | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-48635 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-48413 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.9 MEDIUM |
| In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-48411 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In SignalStrengthAdapter::FillGsmSignalStrength() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | |||||
| CVE-2023-48410 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
| In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-48408 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | |||||
| CVE-2023-48401 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.5 MEDIUM |
| In GetSizeOfEenlRecords of protocoladapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-48397 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.9 MEDIUM |
| In Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-48347 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2023-48344 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | |||||
| CVE-2023-48341 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | |||||