Total
7184 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-29739 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.5 MEDIUM |
In tmu_get_temp_lut of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-29738 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.5 MEDIUM |
In gov_init, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-27231 | 1 Google | 1 Android | 2025-06-17 | N/A | 5.9 MEDIUM |
In tmu_get_tr_stats of tmu.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-25201 | 1 Espruino | 1 Espruino | 2025-06-17 | N/A | 7.5 HIGH |
Espruino 2v20 (commit fcc9ba4) was discovered to contain an Out-of-bounds Read via jsvStringIteratorPrintfCallback at src/jsvar.c. | |||||
CVE-2024-28756 | 1 Solaredge | 1 Mysolaredge | 2025-06-17 | N/A | 5.9 MEDIUM |
The SolarEdge mySolarEdge application before 2.20.1 for Android has a certificate verification issue that allows a Machine-in-the-middle (MitM) attacker to read and alter all network traffic between the application and the server. | |||||
CVE-2025-32914 | 2025-06-17 | N/A | 7.4 HIGH | ||
A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds. | |||||
CVE-2025-32906 | 2025-06-17 | N/A | 7.5 HIGH | ||
A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server. | |||||
CVE-2024-33781 | 1 Csiro | 1 Multi-protocol Spdz | 2025-06-16 | N/A | 7.5 HIGH |
MP-SPDZ v0.3.8 was discovered to contain a stack overflow via the function octetStream::get_bytes in /Tools/octetStream.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted message. | |||||
CVE-2025-47104 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-06-16 | N/A | 5.5 MEDIUM |
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2025-47105 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-06-16 | N/A | 5.5 MEDIUM |
InDesign Desktop versions ID20.2, ID19.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-42865 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-06-16 | N/A | 6.5 MEDIUM |
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. | |||||
CVE-2023-32880 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2025-06-16 | N/A | 4.4 MEDIUM |
In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076. | |||||
CVE-2023-32875 | 2 Google, Mediatek | 58 Android, Mt6580, Mt6731 and 55 more | 2025-06-16 | N/A | 4.4 MEDIUM |
In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217. | |||||
CVE-2025-47816 | 1 Gnu | 1 Pspp | 2025-06-16 | N/A | 2.9 LOW |
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxml_parse_attributes out-of-bounds read, related to extra content at the end of a document. | |||||
CVE-2023-53154 | 1 Cjson Project | 1 Cjson | 2025-06-16 | N/A | 2.9 LOW |
parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no trailing newline if cJSON_ParseWithLength is called. | |||||
CVE-2025-24311 | 2025-06-16 | N/A | 8.4 HIGH | ||
An out-of-bounds read vulnerability exists in the cv_send_blockdata functionality of Dell ControlVault3 prior to 5.15.10.14 and Dell ControlVault3 Plus prior to 6.2.26.36. A specially crafted ControlVault API call can lead to an information leak. An attacker can issue an API call to trigger this vulnerability. | |||||
CVE-2025-2884 | 2025-06-13 | N/A | 6.6 MEDIUM | ||
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0 | |||||
CVE-2024-34251 | 1 Bytecodealliance | 1 Webassembly Micro Runtime | 2025-06-13 | N/A | 7.5 HIGH |
An out-of-bound memory read vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause a denial of service via the "block_type_get_arity" function in core/iwasm/interpreter/wasm.h. | |||||
CVE-2025-5918 | 2025-06-12 | N/A | 3.9 LOW | ||
A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition. | |||||
CVE-2025-33060 | 2025-06-12 | N/A | 5.5 MEDIUM | ||
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. |