Vulnerabilities (CVE)

Filtered by CWE-125
Total 7258 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-34292 1 Siemens 2 Jt2go, Teamcenter Visualization 2024-11-21 6.8 MEDIUM 7.8 HIGH
A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Tiff_loader.dll library in affected applications lacks proper validation of user-supplied data when parsing TIFF files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12959)
CVE-2021-34121 1 Htmldoc Project 1 Htmldoc 2024-11-21 N/A 7.8 HIGH
An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution.
CVE-2021-34085 1 Glensawyer 1 Mp3gain 2024-11-21 7.5 HIGH 9.8 CRITICAL
Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872. CVE-2017-14409, and CVE-2018-10778.
CVE-2021-34070 1 Tsmuxer Project 1 Tsmuxer 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Out-of-bounds Read in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
CVE-2021-33738 1 Siemens 2 Jt2go, Teamcenter Visualization 2024-11-21 4.3 MEDIUM 3.3 LOW
A vulnerability has been identified in JT2Go (All versions < V13.2.0.2), Teamcenter Visualization (All versions < V13.2.0.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13405)
CVE-2021-33650 1 Mindspore 1 Mindspore 2024-11-21 5.0 MEDIUM 7.5 HIGH
When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers.
CVE-2021-33649 1 Mindspore 1 Mindspore 2024-11-21 5.0 MEDIUM 7.5 HIGH
When performing the inference shape operation of the Transpose operator, if the value in the perm element is greater than or equal to the size of the input_shape, it will access data outside of bounds of input_shape which allocated from heap buffers.
CVE-2021-33648 1 Mindspore 1 Mindspore 2024-11-21 5.0 MEDIUM 7.5 HIGH
When performing the inference shape operation of Affine, Concat, MatMul, ArgMinMax, EmbeddingLookup, and Gather operators, if the input shape size is 0, it will access data outside of bounds of shape which allocated from heap buffers.
CVE-2021-33590 1 Labapart 1 Gattlib 2024-11-21 7.5 HIGH 9.8 CRITICAL
GattLib 0.3-rc1 has a stack-based buffer over-read in get_device_path_from_mac in dbus/gattlib.c.
CVE-2021-33367 1 Freeimage Project 1 Freeimage 2024-11-21 N/A 5.5 MEDIUM
Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR file.
CVE-2021-33293 2 Debian, Libpano13 Project 2 Debian Linux, Libpano13 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c.
CVE-2021-32990 1 Fatek 1 Winproladder 2024-11-21 7.5 HIGH 9.8 CRITICAL
FATEK Automation WinProladder Versions 3.30 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code.
CVE-2021-32975 1 Hornerautomation 1 Cscape 2024-11-21 6.8 MEDIUM 7.8 HIGH
Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute code in the context of the current process.
CVE-2021-32950 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 5.8 MEDIUM 7.1 HIGH
An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations.
CVE-2021-32940 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 5.8 MEDIUM 7.1 HIGH
An out-of-bounds read issue exists in the DWG file-recovering procedure in the Drawings SDK (All versions prior to 2022.5) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allow attackers to cause a denial-of-service condition or read sensitive information from memory locations.
CVE-2021-32938 2 Opendesign, Siemens 4 Drawings Sdk, Comos, Jt2go and 1 more 2024-11-21 5.8 MEDIUM 7.1 HIGH
Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-of-bounds read due to parsing of DWG files resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of service condition or read sensitive information from memory.
CVE-2021-32847 1 Mobyproject 1 Hyperkit 2024-11-21 N/A 7.1 HIGH
HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107 and prior, a malicious guest can trigger a vulnerability in the host by abusing the disk driver that may lead to the disclosure of the host memory into the virtualized guest. This issue is fixed in commit cf60095a4d8c3cb2e182a14415467afd356e982f.
CVE-2021-32761 3 Debian, Fedoraproject, Redislabs 3 Debian Linux, Fedora, Redis 2024-11-21 6.0 MEDIUM 7.5 HIGH
Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis `*BIT*` command are vulnerable to integer overflow that can potentially be exploited to corrupt the heap, leak arbitrary heap contents or trigger remote code execution. The vulnerability involves changing the default `proto-max-bulk-len` configuration parameter to a very large value and constructing specially crafted commands bit commands. This problem only affects Redis on 32-bit platforms, or compiled as a 32-bit binary. Redis versions 5.0.`3m 6.0.15, and 6.2.5 contain patches for this issue. An additional workaround to mitigate the problem without patching the `redis-server` executable is to prevent users from modifying the `proto-max-bulk-len` configuration parameter. This can be done using ACL to restrict unprivileged users from using the CONFIG SET command.
CVE-2021-32672 6 Debian, Fedoraproject, Netapp and 3 more 8 Debian Linux, Fedora, Management Services For Element Software and 5 more 2024-11-21 4.0 MEDIUM 5.3 MEDIUM
Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support (3.2 or newer). The problem is fixed in versions 6.2.6, 6.0.16 and 5.0.14.
CVE-2021-32614 1 Dmg2img Project 1 Dmg2img 2024-11-21 5.8 MEDIUM 7.1 HIGH
A flaw was found in dmg2img through 20170502. fill_mishblk() does not check the length of the read buffer, and copy 0xCC bytes from it. The length of the buffer is controlled by an attacker. By providing a length smaller than 0xCC, memcpy reaches out of the malloc'ed bound. This possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution.