Total
7972 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-44281 | 1 Apple | 1 Macos | 2024-10-30 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a file may lead to disclosure of user information. | ||||
| CVE-2024-44460 | 1 Emqx | 1 Nanomq | 2024-10-30 | 7.5 High |
| An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2024-44282 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-10-30 | 6.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Parsing a file may lead to disclosure of user information. | ||||
| CVE-2024-44236 | 1 Apple | 1 Macos | 2024-10-30 | 6.5 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
| CVE-2024-45182 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2024-10-29 | 5.5 Medium |
| An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service. | ||||
| CVE-2024-7255 | 1 Google | 1 Chrome | 2024-10-29 | 8.8 High |
| Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-47021 | 1 Google | 1 Android | 2024-10-28 | 5.1 Medium |
| In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-48208 | 1 Pureftpd | 1 Pure-ftpd | 2024-10-28 | 8.6 High |
| pure-ftpd before 1.0.52 is vulnerable to Buffer Overflow. There is an out of bounds read in the domlsd() function of the ls.c file. | ||||
| CVE-2024-47018 | 1 Google | 1 Android | 2024-10-28 | 5.5 Medium |
| In pmucal_rae_handle_seq_int of flexpmu_cal_rae.c, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-47019 | 1 Google | 1 Android | 2024-10-28 | 5.5 Medium |
| In ProtocolEmbmsSaiListAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation. | ||||
| CVE-2024-47026 | 1 Google | 2 Android, Pixel | 2024-10-28 | 5.1 Medium |
| In gsc_gsa_rescue of gsc_gsa.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-47028 | 1 Google | 2 Android, Pixel | 2024-10-28 | 5.1 Medium |
| In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-47029 | 1 Google | 2 Android, Pixel | 2024-10-28 | 5.1 Medium |
| In TrustySharedMemoryManager::GetSharedMemory of ondevice/trusty/trusty_shared_memory_manager.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-47034 | 1 Google | 2 Android, Pixel | 2024-10-28 | 5.1 Medium |
| there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-20097 | 2 Google, Mediatek | 14 Android, Mt6761, Mt6765 and 11 more | 2024-10-27 | 4.4 Medium |
| In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1630. | ||||
| CVE-2024-20096 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6739 and 24 more | 2024-10-27 | 4.4 Medium |
| In m4u, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996900; Issue ID: MSV-1635. | ||||
| CVE-2024-20095 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6739 and 24 more | 2024-10-27 | 4.4 Medium |
| In m4u, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996894; Issue ID: MSV-1636. | ||||
| CVE-2024-20093 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-10-27 | 4.4 Medium |
| In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1699. | ||||
| CVE-2024-20091 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-10-27 | 4.4 Medium |
| In vdec, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1701. | ||||
| CVE-2024-20085 | 5 Google, Linuxfoundation, Mediatek and 2 more | 43 Android, Yocto, Mt6580 and 40 more | 2024-10-27 | 4.4 Medium |
| In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08944204; Issue ID: MSV-1560. | ||||