Total
8141 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-43110 | 1 Freebsd | 1 Freebsd | 2024-09-05 | 8.4 High |
| The ctl_request_sense function could expose up to three bytes of the kernel heap to userspace. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. | ||||
| CVE-2024-34658 | 1 Samsung | 1 Notes | 2024-09-05 | 4 Medium |
| Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR. | ||||
| CVE-2024-38382 | 1 Openatom | 1 Openharmony | 2024-09-04 | 5.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2024-39612 | 1 Openatom | 1 Openharmony | 2024-09-04 | 5.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2024-39775 | 1 Openatom | 1 Openharmony | 2024-09-04 | 6.5 Medium |
| in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2024-7537 | 1 Ofono Project | 1 Ofono | 2024-08-29 | 5.5 Medium |
| oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SMS message lists. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23157. | ||||
| CVE-2024-7966 | 1 Google | 1 Chrome | 2024-08-27 | 8.8 High |
| Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-42143 | 2024-08-22 | 5.1 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-28074 | 1 Dell | 2 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite | 2024-08-20 | 6.2 Medium |
| Dell BSAFE Crypto-C Micro Edition, version 4.1.5, and Dell BSAFE Micro Edition Suite, versions 4.0 through 4.6.1 and version 5.0, contains an Out-of-bounds Read vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | ||||
| CVE-2024-20790 | 1 Adobe | 1 Dimension | 2024-08-19 | 5.5 Medium |
| Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-34125 | 1 Adobe | 1 Dimension | 2024-08-19 | 5.5 Medium |
| Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-34126 | 1 Adobe | 1 Dimension | 2024-08-19 | 5.5 Medium |
| Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-39387 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-08-19 | 5.5 Medium |
| Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-41854 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-08-19 | 5.5 Medium |
| InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-39393 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-08-19 | 7.8 High |
| InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-42478 | 1 Ggerganov | 1 Llama.cpp | 2024-08-16 | 5.3 Medium |
| llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561. | ||||
| CVE-2023-49144 | 2024-08-16 | 6.7 Medium | ||
| Out of bounds read in OpenBMC Firmware for some Intel(R) Server Platforms before versions egs-1.15-0, bhs-0.27 may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2024-39426 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-15 | 7.8 High |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-41833 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-15 | 5.5 Medium |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-41834 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-08-15 | 5.5 Medium |
| Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||