Export limit exceeded: 21544 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9129 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20725 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | 5.5 Medium |
| Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20724 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | 5.5 Medium |
| Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-20722 | 1 Adobe | 1 Substance 3d Painter | 2024-11-21 | 5.5 Medium |
| Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-1847 | 2024-11-21 | 7.8 High | ||
| Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID. | ||||
| CVE-2023-7242 | 1 Cisa | 1 Icsnpp-ethercat | 2024-11-21 | 8.2 High |
| Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet. This could allow an attacker to crash the Zeek process and leak some information in memory. | ||||
| CVE-2023-6355 | 1 Gallagher | 2 Controller 7000, Controller 7000 Firmware | 2024-11-21 | 6.8 Medium |
| Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass some protection mechanisms to enable local debug. This issue affects: Gallagher Controller 7000 9.00 prior to vCR9.00.231204b (distributed in 9.00.1507 (MR1)), 8.90 prior to vCR8.90.231204a (distributed in 8.90.1620 (MR2)), 8.80 prior to vCR8.80.231204a (distributed in 8.80.1369 (MR3)), 8.70 prior to vCR8.70.231204a (distributed in 8.70.2375 (MR5)). | ||||
| CVE-2023-6315 | 1 Panasonic | 1 Fpwin Pro | 2024-11-21 | 7.8 High |
| Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file. | ||||
| CVE-2023-5998 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.5 High |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. | ||||
| CVE-2023-5377 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.1 High |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV. | ||||
| CVE-2023-5179 | 1 Opendesign | 1 Drawings Sdk | 2024-11-21 | 7.8 High |
| An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution. | ||||
| CVE-2023-52267 | 1 Hongliuliao | 1 Ehttp | 2024-11-21 | 7.5 High |
| ehttp 1.0.6 before 17405b9 has a simple_log.cpp _log out-of-bounds-read during error logging for long strings. | ||||
| CVE-2023-52152 | 1 Cybergarage | 1 Mupnp For C | 2024-11-21 | 7.5 High |
| mupnp/net/uri.c in mUPnP for C through 3.0.2 has an out-of-bounds read and application crash because it lacks a certain host length recalculation. | ||||
| CVE-2023-51432 | 1 Hihonor | 1 Magic Ui | 2024-11-21 | 3.2 Low |
| Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak. | ||||
| CVE-2023-4778 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4758 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4721 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4272 | 1 Arm | 4 Bifrost Gpu Kernel Driver, Mali Gpu Kernel Driver, Midgard Gpu Kernel Driver and 1 more | 2024-11-21 | 5.5 Medium |
| A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory. | ||||
| CVE-2023-4156 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gawk, Enterprise Linux | 2024-11-21 | 4.4 Medium |
| A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information. | ||||
| CVE-2023-4135 | 3 Fedoraproject, Qemu, Redhat | 4 Fedora, Qemu, Advanced Virtualization and 1 more | 2024-11-21 | 6 Medium |
| A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed. | ||||
| CVE-2023-4020 | 1 Silabs | 1 Gecko Software Development Kit | 2024-11-21 | 9 Critical |
| An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory. | ||||