Total
7198 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-39540 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-02-12 | N/A | 5.9 MEDIUM |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet. | |||||
| CVE-2023-39541 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-02-12 | N/A | 5.9 MEDIUM |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv6 ICMPv6 packet. | |||||
| CVE-2023-27727 | 1 F5 | 1 Njs | 2025-02-12 | N/A | 7.5 HIGH |
| Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_function_frame at src/njs_function.h. | |||||
| CVE-2023-20688 | 2 Google, Mediatek | 72 Android, Mt2715, Mt6580 and 69 more | 2025-02-12 | N/A | 4.4 MEDIUM |
| In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441821; Issue ID: ALPS07441821. | |||||
| CVE-2023-20679 | 4 Google, Linux, Mediatek and 1 more | 38 Android, Linux Kernel, Mt5221 and 35 more | 2025-02-12 | N/A | 4.4 MEDIUM |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588453. | |||||
| CVE-2023-20676 | 4 Google, Linux, Mediatek and 1 more | 38 Android, Linux Kernel, Mt5221 and 35 more | 2025-02-12 | N/A | 4.4 MEDIUM |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518. | |||||
| CVE-2020-36074 | 1 Tailor Mangement System Project | 1 Tailor Mangement System | 2025-02-12 | N/A | 8.8 HIGH |
| SQL injection vulnerability found in Tailor Mangement System v.1 allows a remote attacker to execute arbitrary code via the title parameter. | |||||
| CVE-2025-20905 | 1 Samsung | 1 Android | 2025-02-12 | N/A | 6.3 MEDIUM |
| Out-of-bounds read and write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to read and write out-of-bounds memory. | |||||
| CVE-2025-20891 | 1 Samsung | 1 Android | 2025-02-12 | N/A | 5.3 MEDIUM |
| Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability. | |||||
| CVE-2025-20887 | 1 Samsung | 1 Android | 2025-02-12 | N/A | 5.3 MEDIUM |
| Out-of-bounds read in accessing table used for svp8t in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability. | |||||
| CVE-2024-24584 | 1 Libigl | 1 Libigl | 2025-02-11 | N/A | 4.3 MEDIUM |
| Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.This vulnerabilitty concerns the`readMSH` function while processing `MshLoader::ELEMENT_TET` elements. | |||||
| CVE-2024-24583 | 1 Libigl | 1 Libigl | 2025-02-11 | N/A | 4.3 MEDIUM |
| Multiple out-of-bounds read vulnerabilities exist in the readMSH functionality of libigl v2.5.0. A specially crafted .msh file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.This vulnerabilitty concerns the`readMSH` function while processing `MshLoader::ELEMENT_TRI` elements. | |||||
| CVE-2023-27730 | 1 F5 | 1 Njs | 2025-02-11 | N/A | 7.5 HIGH |
| Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c. | |||||
| CVE-2023-22808 | 1 Arm | 3 Avalon Android Gralloc Module, Bifrost Android Gralloc Module, Valhall Android Gralloc Module | 2025-02-11 | N/A | 3.3 LOW |
| An issue was discovered in the Arm Android Gralloc Module. A non-privileged user can read a small portion of the allocator process memory. This affects Bifrost r24p0 through r41p0 before r42p0, Valhall r24p0 through r41p0 before r42p0, and Avalon r41p0 before r42p0. | |||||
| CVE-2023-27728 | 1 F5 | 1 Njs | 2025-02-11 | N/A | 7.5 HIGH |
| Nginx NJS v0.7.10 was discovered to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c. | |||||
| CVE-2024-54090 | 2025-02-11 | N/A | 5.9 MEDIUM | ||
| A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC Series (BACnet) (All versions). Affected devices contain an out-of-bounds read in the memory dump function. This could allow an attacker with Medium (MED) or higher privileges to cause the device to enter an insecure cold start state. | |||||
| CVE-2024-20882 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 4.6 MEDIUM |
| Out-of-bounds read vulnerability in bootloader prior to SMR June-2024 Release 1 allows physical attackers to arbitrary data access. | |||||
| CVE-2024-20836 | 1 Samsung | 1 Android | 2025-02-10 | N/A | 3.3 LOW |
| Out of bounds Read vulnerability in ssmis_get_frm in libsubextractor.so prior to SMR Mar-2024 Release 1 allows local attackers to read out of bounds memory. | |||||
| CVE-2023-29576 | 1 Axiosys | 1 Bento4 | 2025-02-10 | N/A | 5.5 MEDIUM |
| Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h. | |||||
| CVE-2023-38252 | 3 Fedoraproject, Redhat, Tats | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2025-02-08 | N/A | 4.7 MEDIUM |
| An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. | |||||