Total
8583 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-0030 | 1 Google | 1 Android | 2024-12-16 | 5.5 Medium |
| In btif_to_bta_response of btif_gatt_util.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-56083 | 2024-12-16 | 8.1 High | ||
| Cognition Devin before 2024-12-12 provides write access to code by an attacker who discovers the https://vscode-randomly_generated_string.devinapps.com URL (aka the VSCode live share URL) for a specific "Use Devin's Machine" session. For example, this URL may be discovered if a customer posts a screenshot of a Devin session to social media, or publicly streams their Devin session. | ||||
| CVE-2023-40085 | 1 Google | 1 Android | 2024-12-16 | 3.3 Low |
| In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-0016 | 1 Google | 1 Android | 2024-12-16 | 6.5 Medium |
| In multiple locations, there is a possible out of bounds read due to a missing bounds check. This could lead to paired device information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-12212 | 2024-12-13 | 7.8 High | ||
| The vulnerability occurs in the parsing of CSP files. The issues result from the lack of proper validation of user-supplied data, which could allow reading past the end of allocated data structures, resulting in execution of arbitrary code. | ||||
| CVE-2024-9508 | 2024-12-13 | 7.8 High | ||
| Horner Automation Cscape contains a memory corruption vulnerability, which could allow an attacker to disclose information and execute arbitrary code. | ||||
| CVE-2023-40112 | 1 Google | 1 Android | 2024-12-13 | 5.1 Medium |
| In ippSetValueTag of ipp.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of past print jobs or other print-related information, with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-40124 | 1 Google | 1 Android | 2024-12-13 | 5.5 Medium |
| In multiple locations, there is a possible cross-user read due to a confused deputy. This could lead to local information disclosure of photos or other images with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-30281 | 1 Adobe | 1 Substance 3d Designer | 2024-12-12 | 5.5 Medium |
| Substance3D - Designer versions 13.1.1 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-54116 | 1 Huawei | 1 Harmonyos | 2024-12-12 | 4.3 Medium |
| Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | ||||
| CVE-2024-54115 | 1 Huawei | 1 Harmonyos | 2024-12-12 | 4.3 Medium |
| Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-54114 | 1 Huawei | 1 Harmonyos | 2024-12-12 | 4.4 Medium |
| Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-32542 | 1 Fujielectric | 2 Tellus, Tellus Lite | 2024-12-12 | 7.8 High |
| Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution. | ||||
| CVE-2024-53004 | 1 Adobe | 1 Substance 3d Modeler | 2024-12-12 | 5.5 Medium |
| Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-53005 | 1 Adobe | 1 Substance 3d Modeler | 2024-12-12 | 5.5 Medium |
| Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-33056 | 1 Qualcomm | 662 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 659 more | 2024-12-12 | 8.4 High |
| Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | ||||
| CVE-2024-9978 | 1 Openatom | 1 Openharmony | 2024-12-11 | 5.5 Medium |
| in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2024-12082 | 1 Openatom | 1 Openharmony | 2024-12-11 | 5.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2023-35862 | 1 Libcoap | 1 Libcoap | 2024-12-11 | 6.5 Medium |
| libcoap 4.3.1 contains a buffer over-read via the function coap_parse_oscore_conf_mem at coap_oscore.c. | ||||
| CVE-2024-52574 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2024-12-10 | 7.8 High |
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Teamcenter Visualization V2406 (All versions < V2406.0005), Tecnomatix Plant Simulation V2302 (All versions < V2302.0018), Tecnomatix Plant Simulation V2404 (All versions < V2404.0007). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-24543) | ||||