Vulnerabilities (CVE)

Filtered by CWE-125
Total 7184 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-5747 2 Busybox, Canonical 2 Busybox, Ubuntu Linux 2025-06-09 5.0 MEDIUM 7.5 HIGH
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP client, server, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679.
CVE-2019-25013 5 Broadcom, Debian, Fedoraproject and 2 more 10 Fabric Operating System, Debian Linux, Fedora and 7 more 2025-06-09 7.1 HIGH 5.9 MEDIUM
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
CVE-2018-20679 2 Busybox, Canonical 2 Busybox, Ubuntu Linux 2025-06-09 5.0 MEDIUM 7.5 HIGH
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.
CVE-2022-29458 3 Apple, Debian, Gnu 3 Macos, Debian Linux, Ncurses 2025-06-09 5.8 MEDIUM 7.1 HIGH
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
CVE-2021-3998 2 Gnu, Netapp 12 Glibc, H300s, H300s Firmware and 9 more 2025-06-09 N/A 7.5 HIGH
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.
CVE-2024-22705 1 Linux 1 Linux Kernel 2025-06-05 N/A 7.8 HIGH
An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.
CVE-2024-35423 1 Lonelycoder 1 Vmir 2025-06-05 N/A 7.8 HIGH
vmir e8117 was discovered to contain a heap buffer overflow via the wasm_parse_section_functions function at /src/vmir_wasm_parser.c.
CVE-2025-1254 1 Rti 1 Connext Professional 2025-06-05 N/A 7.4 HIGH
Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers, Overflow Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.0.0 before 6.1.2.23.
CVE-2025-5200 1 Assimp 1 Assimp 2025-06-05 1.7 LOW 3.3 LOW
A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDLImporter::InternReadFile_Quake1 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.
CVE-2025-5201 1 Assimp 1 Assimp 2025-06-05 1.7 LOW 3.3 LOW
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as problematic. Affected is the function LWOImporter::CountVertsAndFacesLWO2 of the file assimp/code/AssetLib/LWO/LWOLoader.cpp. The manipulation leads to out-of-bounds read. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.
CVE-2025-5202 1 Assimp 1 Assimp 2025-06-05 1.7 LOW 3.3 LOW
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as problematic. Affected by this vulnerability is the function HL1MDLLoader::validate_header of the file assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to out-of-bounds read. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.
CVE-2025-5203 1 Assimp 1 Assimp 2025-06-05 1.7 LOW 3.3 LOW
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function SkipSpaces in the library assimp/include/assimp/ParsingUtils.h. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.
CVE-2025-5204 1 Assimp 1 Assimp 2025-06-05 1.7 LOW 3.3 LOW
A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::ParseSkinLump_3DGS_MDL7 of the file assimp/code/AssetLib/MDL/MDLMaterialLoader.cpp. The manipulation leads to out-of-bounds read. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.
CVE-2022-23089 1 Freebsd 1 Freebsd 2025-06-04 N/A 4.7 MEDIUM
When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash.
CVE-2025-40578 1 Siemens 2 Scalance Lpe9403, Scalance Lpe9403 Firmware 2025-06-04 N/A 4.3 MEDIUM
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly handle multiple incoming Profinet packets received in rapid succession. An unauthenticated remote attacker can exploit this flaw by sending multiple packets in a very short time frame, which leads to a crash of the dcpd process.
CVE-2025-40577 1 Siemens 2 Scalance Lpe9403, Scalance Lpe9403 Firmware 2025-06-04 N/A 4.3 MEDIUM
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions). Affected devices do not properly validate incoming Profinet packets. An unauthenticated remote attacker can exploit this flaw by sending a specially crafted malicious packet, which leads to a crash of the dcpd process.
CVE-2025-47295 1 Fortinet 1 Fortios 2025-06-04 N/A 3.7 LOW
A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the FGFM daemon via a specially crafted request, under rare conditions that are outside of the attacker's control.
CVE-2024-35367 1 Ffmpeg 1 Ffmpeg 2025-06-03 N/A 9.1 CRITICAL
FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer
CVE-2025-5169 1 Assimp 1 Assimp 2025-06-03 1.7 LOW 3.3 LOW
A vulnerability classified as problematic has been found in Open Asset Import Library Assimp 5.4.3. This affects the function MDLImporter::InternReadFile_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.
CVE-2025-5168 1 Assimp 1 Assimp 2025-06-03 1.7 LOW 3.3 LOW
A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as problematic. Affected by this issue is the function MDLImporter::ImportUVCoordinate_3DGS_MDL345 of the file assimp/code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument iIndex leads to out-of-bounds read. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future.