Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-20428

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-27 Jan, 2020 | 04:20
Updated At-05 Aug, 2024 | 02:39
Rejected At-
Credits

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel function mishandles a large lock_count parameter.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:27 Jan, 2020 | 04:20
Updated At:05 Aug, 2024 | 02:39
Rejected At:
▼CVE Numbering Authority (CNA)

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel function mishandles a large lock_count parameter.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://wiki.lustre.org/Lustre_2.12.3_Changelog
x_refsource_MISC
http://lustre.org/
x_refsource_MISC
https://jira.whamcloud.com/browse/LU-12603
x_refsource_MISC
https://review.whamcloud.com/#/c/36108/
x_refsource_MISC
Hyperlink: http://wiki.lustre.org/Lustre_2.12.3_Changelog
Resource:
x_refsource_MISC
Hyperlink: http://lustre.org/
Resource:
x_refsource_MISC
Hyperlink: https://jira.whamcloud.com/browse/LU-12603
Resource:
x_refsource_MISC
Hyperlink: https://review.whamcloud.com/#/c/36108/
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://wiki.lustre.org/Lustre_2.12.3_Changelog
x_refsource_MISC
x_transferred
http://lustre.org/
x_refsource_MISC
x_transferred
https://jira.whamcloud.com/browse/LU-12603
x_refsource_MISC
x_transferred
https://review.whamcloud.com/#/c/36108/
x_refsource_MISC
x_transferred
Hyperlink: http://wiki.lustre.org/Lustre_2.12.3_Changelog
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://lustre.org/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://jira.whamcloud.com/browse/LU-12603
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://review.whamcloud.com/#/c/36108/
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:27 Jan, 2020 | 05:15
Updated At:29 Jan, 2020 | 19:19

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel function mishandles a large lock_count parameter.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
lustre
lustre
>>lustre>>Versions before 2.12.3(exclusive)
cpe:2.3:a:lustre:lustre:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lustre.org/cve@mitre.org
Product
Vendor Advisory
http://wiki.lustre.org/Lustre_2.12.3_Changelogcve@mitre.org
Release Notes
Vendor Advisory
https://jira.whamcloud.com/browse/LU-12603cve@mitre.org
Third Party Advisory
https://review.whamcloud.com/#/c/36108/cve@mitre.org
Third Party Advisory
Hyperlink: http://lustre.org/
Source: cve@mitre.org
Resource:
Product
Vendor Advisory
Hyperlink: http://wiki.lustre.org/Lustre_2.12.3_Changelog
Source: cve@mitre.org
Resource:
Release Notes
Vendor Advisory
Hyperlink: https://jira.whamcloud.com/browse/LU-12603
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://review.whamcloud.com/#/c/36108/
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

553Records found
CVE-2024-33020
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.57%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-20 Nov, 2024 | 19:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN HOST

Transient DOS while processing TID-to-link mapping IE elements.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwarewsa8830sxr2230p_firmwareqca8337qam8650pqfw7124qam8775psnapdragon_870_5g_mobile_platform_firmwareqamsrv1mflight_rb5_5g_platformsnapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwareqcn6224_firmwarewsa8840srv1l_firmwareqca6595au_firmwarevideo_collaboration_vc3_platformwcd9370ssg2115pqcm5430_firmwareqca6426qca6584au_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqamsrv1hqca6554a_firmwarewcd9385_firmwareqamsrv1h_firmwareqca6688aqsa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574au_firmwaresa7255pqca6595auqca8081_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114wcd9375_firmwarewsa8845h_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausa6155p_firmwaresa8620p_firmwareqcm8550_firmwaresnapdragon_870_5g_mobile_platformqca6678aq_firmwaresnapdragon_x72_5g_modem-rf_systemsa8775p_firmwareqcs6490wsa8840_firmwareqca6698aqvideo_collaboration_vc5_platformqcs8550_firmwaresrv1hsa7775p_firmwarefastconnect_6700_firmwaresa8195pwcd9340wsa8810_firmwareqcn6224wsa8845hqca6436snapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresa6155pqcs7230snapdragon_x75_5g_modem-rf_systemqca8081wcd9395_firmwareqca6698aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2sa7775pqam8620pqcs5430sxr2250psa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresa8255psxr2130_firmwarewcd9385qca6696_firmwareqcs6490_firmwareqca6797aqar8035wcd9375wcd9390qcc710_firmwarerobotics_rb5_platformwsa8830_firmwaresd865_5g_firmwareqcm6490wsa8815_firmwarewsa8835_firmwaresa8195p_firmwarevideo_collaboration_vc5_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr2250p_firmwaresa8770pqca6688aq_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaressg2125pqca6554asd865_5gfastconnect_6800qca6595qca6564auqcm8550qcs7230_firmwarewsa8835qca6574sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274wcd9380fastconnect_6700snapdragon_x72_5g_modem-rf_system_firmwaressg2125p_firmwaresxr2130qca6574asxr1230pvideo_collaboration_vc3_platform_firmwareqfw7114_firmwareqcc2076_firmwarewsa8845qcc2073_firmwaresa8650psa9000pqca6574_firmwarewcd9340_firmwarewsa8815sxr2230psnapdragon_865\+_5g_mobile_platformwsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqcs8250qca6574a_firmwaresa8775psnapdragon_x55_5g_modem-rf_system_firmwareqca6391fastconnect_7800snapdragon_865\+_5g_mobile_platform_firmwareqcn6274_firmwaresnapdragon_xr2_5g_platformqca6678aqqcm6490_firmwaresa8650p_firmwarewsa8832_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwareqca6574ausa8155p_firmwaresrv1lsa7255p_firmwareqcs8250_firmwarefastconnect_7800_firmwaresnapdragon_8\+_gen_2_mobile_platformsa8620pwsa8810wsa8832sm8550pqamsrv1m_firmwaresnapdragon_ar2_gen_1_platformqcm5430srv1m_firmwareqam8650p_firmwareqcc710qca6595_firmwarewcd9395qca6696qcs5430_firmwareqca6391_firmwareqcs8550wcd9370_firmwaresm8550p_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresa8155pqcc2076srv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragonqam8255p_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareqcs7230_firmwarear8035_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwaresxr1230p_firmwaresrv1l_firmwareqca6595au_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaressg2125p_firmwareqcm5430_firmwareqca6584au_firmwareqrb5165n_firmwareqfw7114_firmwareqcc2076_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcc2073_firmwareqamsrv1h_firmwareqca6574_firmwarewcd9340_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6436_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqcm8550_firmwareqca6678aq_firmwareqcn6274_firmwaresa8775p_firmwareqcm6490_firmwarewsa8840_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcs8550_firmwareqca6797aq_firmwaresa8155p_firmwaresa7775p_firmwarefastconnect_6700_firmwaresa7255p_firmwarewsa8810_firmwareqcs8250_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaressg2115p_firmwarefastconnect_6800_firmwareqam8620p_firmwaresxr2250p_firmwareqfw7124_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-33070
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.55%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:58
Updated-16 Oct, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

Transient DOS while parsing ESP IE from beacon/probe response frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwareqca6574auqca6564a_firmwareqca6564aqca6574a_firmwareqca6574au_firmwareqca6564aumdm9628mdm9628_firmwareqca6574aSnapdragonqca6564au_firmwareqca6564a_firmwareqca6574a_firmwareqca6574au_firmwaremdm9628_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31171
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.00%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:55
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyPort::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31194
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 39.16%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31195
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31173
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.00%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyFlow::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31172
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.00%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyTable::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31714
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.49%
||
7 Day CHG~0.00%
Published-20 May, 2024 | 17:17
Updated-13 Feb, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Waxlab wax v.0.9-3 and before allows an attacker to cause a denial of service via the Lua library component.

Action-Not Available
Vendor-n/awaxlab
Product-n/awax
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31168
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.00%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:55
Updated-20 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::EchoCommon::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31193
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 39.16%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31178
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 43.09%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropNextTables::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31189
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31177
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules). This vulnerability is associated with program routines fluid_msg::of13::TableFeaturePropActions::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31179
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropInstruction::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31186
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31191
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 39.16%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31180
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 43.09%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupDesc::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31184
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterStats::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-30604
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.83%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 00:00
Updated-13 Mar, 2025 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the list1 parameter of the fromDhcpListClient function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-fh1203_firmwarefh1203n/afh1203_firmware
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-37377
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-2||LOW
EPSS-0.04% / 11.24%
||
7 Day CHG~0.00%
Published-08 Sep, 2023 | 00:00
Updated-26 Sep, 2024 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_2100_firmwareexynos_850exynos_2100exynos_w920exynos_850_firmwareexynos_980exynos_980_firmwareexynos_w920_firmwaren/amobile_processor_wearable_processor
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31192
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.18% / 39.16%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31188
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31187
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31181
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupStats::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31183
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::Hello::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31176
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.34%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropOXM::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31198
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.26% / 48.84%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:59
Updated-20 Sep, 2024 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-29857
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 56.03%
||
7 Day CHG~0.00%
Published-09 May, 2024 | 04:17
Updated-13 Feb, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of the curve parameters.

Action-Not Available
Vendor-n/abouncycastle
Product-n/abc-javabc_c_.netbc-fja
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-20277
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-14.90% / 94.38%
||
7 Day CHG~0.00%
Published-12 May, 2021 | 13:54
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxSambaFedora Project
Product-debian_linuxfedorasambasamba
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-28640
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-17.05% / 94.83%
||
7 Day CHG~0.00%
Published-16 Mar, 2024 | 00:00
Updated-27 Jun, 2025 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a7000ra7000r_firmwarex5000r_firmwarex5000rn/aa7000r_firmwarex5000r_firmware
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-34359
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.27% / 49.65%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 04:31
Updated-21 Oct, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ASUS RT-AX88U - Out-of-bounds Read - 2

ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "do_json_decode()" function of ej.c, resulting in a DoS condition.

Action-Not Available
Vendor-ASUS (ASUSTeK Computer Inc.)
Product-rt-ax88u_firmwarert-ax88uRT-AX88Urt-ax88u
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-46794
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.37%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 19:01
Updated-28 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_2600xathlon_gold_3150geryzen_3600x_firmwareryzen_3800xryzen_1200_\(af\)_firmwareryzen_3300xryzen_5300geryzen_3600ryzen_5995wxryzen_2920x_firmwareryzen_5600ryzen_5955wxryzen_5800x_firmwareryzen_2700eryzen_2600_firmwareryzen_5500_firmwareryzen_5900ryzen_3600xryzen_2920xryzen_pro_2100ge_firmwareryzen_2970wx_firmwareryzen_3800x_firmwareryzen_3600xt_firmwareryzen_5700xryzen_5600xryzen_2300x_firmwareryzen_5300g_firmwareryzen_5700geryzen_2600e_firmwareryzen_2950xryzen_3900xt_firmwareryzen_2600ryzen_3600_firmwareryzen_2500xryzen_5600x_firmwareryzen_3900xtryzen_5945wx_firmwareryzen_2990wx_firmwareathlon_gold_3150g_firmwareryzen_5800_firmwareryzen_2990wxryzen_3100_firmwareryzen_3500_firmwareryzen_2500x_firmwareryzen_5300gryzen_2200geryzen_2200ge_firmwareryzen_3900ryzen_5975wxryzen_2200gryzen_2950x_firmwareryzen_2600eryzen_2700_firmwareryzen_5800ryzen_3800xt_firmwareryzen_5800xryzen_5800x3d_firmwareryzen_3300x_firmwareathlon_silver_3050geryzen_2970wxathlon_silver_3050ge_firmwareryzen_3800xtryzen_5500ryzen_2700x_firmwareryzen_3900xryzen_2600x_firmwareryzen_5955wx_firmwareryzen_3500ryzen_5300ge_firmwareryzen_2400ge_firmwareryzen_3950xryzen_5995wx_firmwareryzen_5950x_firmwareathlon_gold_3150gryzen_1200_\(af\)ryzen_5700g_firmwareryzen_5900_firmwareryzen_3600xtryzen_5600ge_firmwareryzen_5600gryzen_5950xryzen_2400gryzen_pro_2100geryzen_5600_firmwareryzen_2700xryzen_5965wx_firmwareryzen_5600g_firmwareryzen_2400geryzen_5945wxryzen_5965wxryzen_5700gryzen_5600geryzen_3900_firmwareryzen_2700ryzen_2200g_firmwareryzen_5900xryzen_3950x_firmwareryzen_5700ge_firmwareryzen_3100ryzen_1600_\(af\)ryzen_2300xryzen_1600_\(af\)_firmwareryzen_3500xryzen_3500x_firmwareryzen_2400g_firmwareryzen_5900x_firmwareryzen_5700x_firmwareryzen_5975wx_firmwareryzen_5800x3dryzen_3900x_firmwareryzen_2700e_firmwareathlon_gold_3150ge_firmwareRyzen™ 3000 Series Desktop Processors “Matisse” AM4Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Pollock”Ryzen™ Threadripper™ PRO Processors “Castle Peak” WSRyzen™ 2000 Series Mobile Processors “Raven Ridge” FP5Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics “Dali”/”Dali” ULPRyzen™ 2000 series Desktop Processors “Raven Ridge” AM4Ryzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” Ryzen™ Threadripper™ PRO Processors “Chagall” WSRyzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”AMD Ryzen™ 5000 Series Desktop Processors “Vermeer” AM4Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDTRyzen™ 3000 Series Mobile processor, 2nd Gen AMD Ryzen™ Mobile Processors with Radeon™ Graphics “Picasso”
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-46765
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.67%
||
7 Day CHG~0.00%
Published-09 May, 2023 | 19:01
Updated-27 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-ryzen_6980hxryzen_5500_firmwareryzen_3800xryzen_3900xryzen_3900ryzen_5600gryzen_3500x_firmwareryzen_5600ryzen_5700xryzen_5800x3d_firmwareryzen_3500_firmwareryzen_3900_firmwareryzen_6980hsryzen_5975wx_firmwareryzen_5965wxryzen_5900x_firmwareryzen_6800u_firmwareryzen_5900xryzen_3500xryzen_5800ryzen_3600ryzen_6800hsryzen_3900xt_firmwareryzen_6600uryzen_5800x_firmwareryzen_3500ryzen_5500ryzen_5600geryzen_6800hs_firmwareryzen_5955wxryzen_5900ryzen_6800uryzen_6900hxryzen_5800_firmwareryzen_3600xryzen_5950xryzen_5600g_firmwareryzen_6900hsryzen_3300xryzen_3950x_firmwareryzen_3800x_firmwareryzen_5955wx_firmwareryzen_3900xtryzen_6800h_firmwareryzen_5600ge_firmwareryzen_5945wx_firmwareryzen_5700geryzen_3600xtryzen_5800xryzen_3600x_firmwareryzen_5995wx_firmwareryzen_3900x_firmwareryzen_6900hs_firmwareryzen_5700gryzen_6900hx_firmwareryzen_6600hryzen_5600xryzen_5700ge_firmwareryzen_5300g_firmwareryzen_5700x_firmwareryzen_5965wx_firmwareryzen_5300ge_firmwareryzen_5600_firmwareryzen_3950xryzen_5300geryzen_5600x_firmwareryzen_6980hx_firmwareryzen_3800xtryzen_6980hs_firmwareryzen_5950x_firmwareryzen_3800xt_firmwareryzen_6600hs_firmwareryzen_6600u_firmwareryzen_5995wxryzen_3100_firmwareryzen_3300x_firmwareryzen_6800hryzen_3600xt_firmwareryzen_5300gryzen_5700g_firmwareryzen_5945wxryzen_3600_firmwareryzen_3100ryzen_5800x3dryzen_6600h_firmwareryzen_5975wxryzen_5900_firmwareryzen_6600hsRyzen™ 3000 Series Mobile Processors with Radeon™ Graphics “Renoir” Ryzen™ 5000 Series Desktop processor with Radeon™ Graphics “Cezanne” AM4Ryzen™ 6000 Series Mobile Processors "Rembrandt"Ryzen™ 5000 Series Mobile processors with Radeon™ Graphics “Cezanne”Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics “Lucienne”
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-24417
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.29% / 52.23%
||
7 Day CHG~0.00%
Published-21 Jan, 2025 | 00:00
Updated-14 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-magman/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-24911
Matching Score-4
Assigner-Check Point Software Ltd.
ShareView Details
Matching Score-4
Assigner-Check Point Software Ltd.
CVSS Score-5.3||MEDIUM
EPSS-0.17% / 38.43%
||
7 Day CHG~0.00%
Published-06 Feb, 2025 | 13:46
Updated-15 Oct, 2025 | 16:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds read in the CPCA process on Check Point Management Server

In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache.

Action-Not Available
Vendor-Check Point Software Technologies Ltd.
Product-quantum_security_managementmulti-domain_managementgaia_osMulti-Domain Security Management, Quantum Security Management
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-23911
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-7.5||HIGH
EPSS-0.22% / 43.98%
||
7 Day CHG~0.00%
Published-15 Apr, 2024 | 10:46
Updated-30 Jun, 2025 | 13:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially crafted packet.

Action-Not Available
Vendor-nxtechDMG MORI Digital Co., LTD. and NEXT Co., Ltd.cente
Product-cente_ipv6cente_ipv6_snmpv3cente_ipv6_snmpv2Cente IPv6 SNMPv3Cente IPv6 SNMPv2Cente IPv6ipv6ipv6_snmpv3ipv6_snmpv2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-23353
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 52.85%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-26 Nov, 2024 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Multi Mode Call Processor

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_8_gen_1_mobile_platformsnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)mdm9640_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca8337qfw7124sg8275p_firmwareqca6431_firmwarewcd9360_firmwaresnapdragon_820_automotive_platform_firmwaresnapdragon_888_5g_mobile_platformwsa8840snapdragon_wear_2100_platform_firmwaresnapdragon_212_mobile_platformwcn3950_firmwaresc8180x\+sdx55qcs2290qca6595au_firmwaresnapdragon_480_5g_mobile_platformvideo_collaboration_vc3_platformsnapdragon_x70_modem-rf_systemqca6335snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarecsra6620_firmwaresd_675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwareqcm5430_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwaremsm8108snapdragon_8cx_compute_platform_\(sc8180x-ab\)_firmwarewcd9371_firmwaremsm8108_firmwarewcn3950qcn6024_firmwaremdm9628snapdragon_855\+_mobile_platform_\(sm8150-ac\)snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)_firmwarewcn3660bsnapdragon_660_mobile_platform_firmwaresnapdragon_460_mobile_platformmdm9230_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwaresdx71m_firmwaresnapdragon_8c_compute_platform_\(sc8180xp-ad\)_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-af\)_firmwareqca6574au_firmwaremdm9630qca8081_firmwarewcd9375_firmwaremsm8909wqca6420wcd9360snapdragon_8cx_compute_platform_\(sc8180xp-af\)snapdragon_auto_5g_modem-rf_firmwareqca9367_firmwaremdm8207smart_audio_400_platform_firmwarewsa8840_firmwareqca6698aqqcs6125robotics_rb3_platform_firmwareqca4004_firmwareqca6430robotics_rb3_platformqts110wcd9306_firmwaresnapdragon_8\+_gen_1_mobile_platformwcd9340snapdragon_720g_mobile_platformsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)sd626_firmwaresw5100snapdragon_780g_5g_mobile_platformqca6436snapdragon_860_mobile_platform_\(sm8150-ac\)snapdragon_690_5g_mobile_platformqca6698aq_firmwaremsm8209_firmwaresnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)mdm9250_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341vision_intelligence_100_platform_\(apq8053-aa\)snapdragon_wear_2500_platformsnapdragon_8c_compute_platform_\(sc8180x-ad\)_firmwareqca6696_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-ac\)qca6431wcd9371snapdragon_8c_compute_platform_\(sc8180xp-ad\)snapdragon_x12_lte_modemwcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresnapdragon_430_mobile_platformqcc710_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd865_5g_firmwaresd660snapdragon_7c\+_gen_3_compute_firmwarewcn3988sd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_750g_5g_mobile_platform_firmwarewcn3610snapdragon_675_mobile_platform_firmwaremsm8608mdm9640snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)wcd9380_firmwareqca8337_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresdm429wwcd9330sw5100psnapdragon_765_5g_mobile_platform_\(sm7250-aa\)snapdragon_730_mobile_platform_\(sm7150-aa\)msm8996au_firmwaresnapdragon_7c_compute_platform_\(sc7180-ac\)snapdragon_w5\+_gen_1_wearable_platformqcm8550qca6564au9205_lte_modemsnapdragon_670_mobile_platform_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresd670_firmwareqca6574snapdragon_7c\+_gen_3_computewcd9380snapdragon_wear_4100\+_platform_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaremdm9230fastconnect_6700qcs410snapdragon_210_processorsnapdragon_782g_mobile_platform_\(sm7325-af\)snapdragon_430_mobile_platform_firmwaremdm9205ssnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwarevideo_collaboration_vc3_platform_firmwarec-v2x_9150_firmwaresg8275psd626snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwaresnapdragon_678_mobile_platform_\(sm6150-ac\)wcn3980wcd9335_firmwareqfw7114_firmwareqca6430_firmwareqca6174wsa8845qca6335_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815wcn3910smart_display_200_platform_\(apq5053-aa\)_firmwareqca6584_firmwareqca6320snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)vision_intelligence_100_platform_\(apq8053-aa\)_firmwaresnapdragon_4_gen_1_mobile_platformqca6426_firmwarewcn3680wcn3660b_firmwaresnapdragon_670_mobile_platformsd835snapdragon_x62_5g_modem-rf_system_firmwareqcn9024wcn3980_firmwaresd730wcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresnapdragon_820_automotive_platformqca6421_firmware9205_lte_modem_firmwarewcn6740_firmwaresmart_audio_200_platformqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_system215_mobile_platformwcn3680_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)snapdragon_660_mobile_platform9206_lte_modem_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwaresd670smart_audio_200_platform_firmwareqcn9024_firmwareqca6564a_firmwaresnapdragon_730g_mobile_platform_\(sm7150-ab\)_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwarewsa8832snapdragon_x24_lte_modemsw5100p_firmwareqcs610_firmwareqcm5430snapdragon_678_mobile_platform_\(sm6150-ac\)_firmware9207_lte_modem_firmwareqcc710qcs4490snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"vision_intelligence_200_platform_\(apq8053-ac\)wcd9395mdm8207_firmwaresnapdragon_750g_5g_mobile_platformqcs5430_firmwaresd820_firmwareqca6391_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)_firmware205_mobile_platformsnapdragon_710_mobile_platform_firmwarewcd9370_firmwaresm8550p_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)_firmwaresdx55sd888_firmwaresd675csra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsnapdragon_1200_wearable_platformqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwareqep8111snapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwaresnapdragon_855_mobile_platformqcm2290snapdragon_632_mobile_platformsnapdragon_625_mobile_platform_firmwarear8035_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\)_firmwaresnapdragon_wear_2100_platformwsa8830snapdragon_662_mobile_platform_firmware9207_lte_modemsnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)_firmwaresnapdragon_x24_lte_modem_firmwareqcs2290_firmwarecsrb31024mdm9628_firmwaresnapdragon_865_5g_mobile_platformcsra6620qcn6224_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)qcs4290mdm9205s_firmwaresnapdragon_888_5g_mobile_platform_firmwaremdm9250qca6420_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwareqca6174_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwarewcn3990_firmwaresnapdragon_8_gen_2_mobile_platformqca9377snapdragon_8cx_compute_platform_\(sc8180x-ab\)wcd9385_firmwarewcd9326_firmwarefastconnect_6200wcn3615_firmwaresnapdragon_1200_wearable_platform_firmwareapq8037snapdragon_x55_5g_modem-rf_systemqca6584snapdragon_835_mobile_pc_platform_firmwaresnapdragon_208_processor_firmwaresdx55_firmwareqca6320_firmwarewsa8845h_firmwarewcn3615snapdragon_8_gen_3_mobile_platformqfw7114sm7250p_firmwarewcn3680b_firmwarewcn3610_firmwaresnapdragon_212_mobile_platform_firmwareqca6595ausnapdragon_425_mobile_platformsnapdragon_429_mobile_platformqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwarewcd9306qca6584auqca6564au_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsnapdragon_208_processorsnapdragon_x70_modem-rf_system_firmwaresnapdragon_x5_lte_modem_firmwareqcs6490snapdragon_439_mobile_platformsnapdragon_855\+_mobile_platform_\(sm8150-ac\)_firmwareqca93679206_lte_modemsnapdragon_625_mobile_platformsnapdragon_wear_3100_platformqcs8550_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmware315_5g_iot_modemsnapdragon_778g_5g_mobile_platformqca6421sm6250c-v2x_9150fastconnect_6700_firmwaresxr1120apq8017_firmwaresnapdragon_626_mobile_platform_firmwareqcn6224wsa8810_firmwarevision_intelligence_400_platformwsa8845hsnapdragon_x62_5g_modem-rf_systemwcd9395_firmwarewcd9335wcd9326snapdragon_x75_5g_modem-rf_systemsg4150pqca8081sdx71msnapdragon_x35_5g_modem-rf_systemsnapdragon_auto_5g_modem-rf_gen_2qcm4490qcs5430qca6174a_firmwareqcs4290_firmwaresnapdragon_wear_1300_platform_firmwaresxr2130_firmwarewcd9385qcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_665_mobile_platform_firmwarear8035wcd9375aqt1000snapdragon_768g_5g_mobile_platform_\(sm7250-ac\)snapdragon_210_processor_firmwaresm6250_firmwaresc8180x\+sdx55_firmwaresnapdragon_712_mobile_platform_firmwarewcd9390snapdragon_662_mobile_platformvision_intelligence_400_platform_firmwarewcn3620_firmwaresd820wsa8815_firmwareqcm6490wsa8835_firmwarewcn3620apq8017sxr1120_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)qca6564asnapdragon_730g_mobile_platform_\(sm7150-ab\)mdm9630_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresg4150p_firmwaresnapdragon_x5_lte_modemqcm6125_firmwareqcm4325qcm2290_firmwaresnapdragon_626_mobile_platformsnapdragon_845_mobile_platformsnapdragon_1100_wearable_platformqcm2150_firmwarewcn3990sd_675snapdragon_732g_mobile_platform_\(sm7150-ac\)snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmwaresd865_5gfastconnect_6800snapdragon_7c_compute_platform_\(sc7180-ac\)_firmwaresnapdragon_835_mobile_pc_platformsd888wsa8835msm8909w_firmwaremsm8996ausdm429w_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresnapdragon_auto_5g_modem-rfqcn6274snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwaresm6250psnapdragon_8cx_compute_platform_\(sc8180xp-ac\)_firmwaresnapdragon_730_mobile_platform_\(sm7150-aa\)_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_8c_compute_platform_\(sc8180x-ad\)sxr2130snapdragon_425_mobile_platform_firmwaresnapdragon_wear_4100\+_platformsmart_audio_400_platformqca6574aqca6174asm7325pqca6310_firmwaresnapdragon_860_mobile_platform_\(sm8150-ac\)_firmwareqca6574_firmwaresd855sm7325p_firmwaresdx57m_firmwarewsa8845_firmware205_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwaresnapdragon_665_mobile_platformqca6574a_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwarefastconnect_6200_firmwaresmart_display_200_platform_\(apq5053-aa\)msm8209vision_intelligence_300_platformsnapdragon_x55_5g_modem-rf_system_firmwaresm7315snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)qca6391snapdragon_710_mobile_platformsnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)fastconnect_7800aqt1000_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcm4490_firmwareqcn6274_firmwaresnapdragon_auto_4g_modemsnapdragon_632_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290qcm6490_firmwarecsrb31024_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcm2150snapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwarevideo_collaboration_vc1_platform_firmwareqca6574ausnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwarevision_intelligence_200_platform_\(apq8053-ac\)_firmwarewcd9341_firmwareqcm6125wsa8810fastconnect_7800_firmwaresnapdragon_712_mobile_platformsnapdragon_8cx_compute_platform_\(sc8180x-aa\)snapdragon_8_gen_1_mobile_platform_firmwaresm8550psnapdragon_680_4g_mobile_platformwcn3680bsd835_firmwaresnapdragon_675_mobile_platformsnapdragon_wear_2500_platform_firmwarewcn6740qca6696215_mobile_platform_firmwareqcs8550msm8608_firmwaresnapdragon_x50_5g_modem-rf_systemsnapdragon_1100_wearable_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresnapdragon_732g_mobile_platform_\(sm7150-ac\)_firmwarewcd9390_firmwareqcn6024apq8037_firmwaresm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcs410_firmwaremdm9330snapdragon_wear_1300_platformsnapdragon_xr1_platform_firmwareqts110_firmwareSnapdragonqca9377_firmwaresnapdragon_662_mobile_platform_firmwaremdm9640_firmwaresm6250p_firmware315_5g_iot_modem_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwaresg8275p_firmwareqca6431_firmwaremdm9628_firmwaresnapdragon_820_automotive_platform_firmwarewcd9360_firmwareqcn6224_firmwaresnapdragon_wear_2100_platform_firmwarewcn3950_firmwaremdm9205s_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwareqca6595au_firmwareqca6174_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwarewcn3990_firmwarequalcomm_video_collaboration_vc3_platform_firmwaremsm8108_firmwarewcd9371_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwarewcn3615_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_660_mobile_platform_firmwaremdm9230_firmwaresm7315_firmwareqca6320_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresdx71m_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwareqca8081_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_835_mobile_pc_platform_firmwaresm7250p_firmwarewcd9375_firmwarewcn3610_firmwarewsa8845h_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca9367_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresmart_audio_400_platform_firmwaresnapdragon_x70_modem-rf_system_firmwaresnapdragon_x5_lte_modem_firmwarewsa8840_firmwarerobotics_rb3_platform_firmwareqca4004_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwarewcd9306_firmwarefastconnect_6700_firmwareapq8017_firmwaresd626_firmwaresnapdragon_626_mobile_platform_firmwarewsa8810_firmwarewcd9395_firmwareqca6698aq_firmwaremsm8209_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_wear_1300_platform_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_665_mobile_platform_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresnapdragon_210_processor_firmwaresm6250_firmwareqcc710_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaremdm9330_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwaresnapdragon_625_mobile_platform_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwaremdm9630_firmwaresg4150p_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwareqcm2150_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwaremsm8996au_firmwaresnapdragon_670_mobile_platform_firmwaremsm8909w_firmwaresd670_firmwaresdm429w_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresnapdragon_430_mobile_platform_firmwarec-v2x_9150_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwareqfw7114_firmwareqca6335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwarewcn3680b_firmwaresm7325p_firmwareqca6584_firmwaresdx57m_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmware9205_lte_modem_firmwareaqt1000_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_632_mobile_platform_firmwaresnapdragon_x35_5g_modem-rf_system_firmwarewcn3680_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmware9206_lte_modem_firmwaresmart_audio_200_platform_firmwareqca6564a_firmwareqcn9024_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarequalcomm_215_mobile_platform_firmwaresd835_firmware9207_lte_modem_firmwaresnapdragon_wear_2500_platform_firmwaremdm8207_firmwareqcs5430_firmwaresd820_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaremsm8608_firmwaresm8550p_firmwarewcd9370_firmwaresnapdragon_1100_wearable_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareapq8037_firmwaresnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcs410_firmwareqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwaresnapdragon_xr1_platform_firmwareqts110_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-29971
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-2.57% / 85.21%
||
7 Day CHG+0.66%
Published-13 May, 2025 | 16:58
Updated-13 Feb, 2026 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Web Threat Defense (WTD.sys) Denial of Service Vulnerability

Out-of-bounds read in Web Threat Defense (WTD.sys) allows an unauthorized attacker to deny service over a network.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_23h2windows_11_22h2windows_11_24h2Windows 11 version 22H2Windows 11 Version 23H2Windows 11 version 22H3Windows 11 Version 24H2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-21343
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.9||MEDIUM
EPSS-1.15% / 78.10%
||
7 Day CHG~0.00%
Published-13 Feb, 2024 | 18:02
Updated-03 May, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Network Address Translation (NAT) Denial of Service Vulnerability

Windows Network Address Translation (NAT) Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2022_23h2windows_server_2012windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1507Windows Server 2012 R2Windows Server 2019Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 1607Windows 11 Version 23H2Windows Server 2022Windows 11 version 21H2Windows Server 2019 (Server Core installation)Windows 10 Version 22H2Windows 10 Version 1809Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-22040
Matching Score-4
Assigner-Siemens
ShareView Details
Matching Score-4
Assigner-Siemens
CVSS Score-7.5||HIGH
EPSS-0.25% / 48.07%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 10:21
Updated-16 Dec, 2025 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability has been identified in Cerberus PRO EN Engineering Tool (All versions), Cerberus PRO EN Fire Panel FC72x IP6 (All versions), Cerberus PRO EN Fire Panel FC72x IP7 (All versions), Cerberus PRO EN Fire Panel FC72x IP8 (All versions < IP8 SR4), Cerberus PRO EN X200 Cloud Distribution IP7 (All versions), Cerberus PRO EN X200 Cloud Distribution IP8 (All versions < V4.3.5618), Cerberus PRO EN X300 Cloud Distribution IP7 (All versions), Cerberus PRO EN X300 Cloud Distribution IP8 (All versions < V4.3.5617), Cerberus PRO UL Compact Panel FC922/924 (All versions < MP4), Cerberus PRO UL Engineering Tool (All versions < MP4), Cerberus PRO UL X300 Cloud Distribution (All versions < V4.3.0001), Desigo Fire Safety UL Compact Panel FC2025/2050 (All versions < MP4), Desigo Fire Safety UL Engineering Tool (All versions < MP4), Desigo Fire Safety UL X300 Cloud Distribution (All versions < V4.3.0001), Sinteso FS20 EN Engineering Tool (All versions), Sinteso FS20 EN Fire Panel FC20 MP6 (All versions), Sinteso FS20 EN Fire Panel FC20 MP7 (All versions), Sinteso FS20 EN Fire Panel FC20 MP8 (All versions < MP8 SR4), Sinteso FS20 EN X200 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X200 Cloud Distribution MP8 (All versions < V4.3.5618), Sinteso FS20 EN X300 Cloud Distribution MP7 (All versions), Sinteso FS20 EN X300 Cloud Distribution MP8 (All versions < V4.3.5617), Sinteso Mobile (All versions). The network communication library in affected systems insufficiently validates HMAC values which might result in a buffer overread. This could allow an unauthenticated remote attacker to crash the network service.

Action-Not Available
Vendor-Siemens AG
Product-Desigo Fire Safety UL Compact Panel FC2025/2050Sinteso FS20 EN Fire Panel FC20 MP6Sinteso MobileSinteso FS20 EN X200 Cloud Distribution MP8Sinteso FS20 EN X200 Cloud Distribution MP7Cerberus PRO EN X200 Cloud Distribution IP8Cerberus PRO EN X300 Cloud Distribution IP8Cerberus PRO UL X300 Cloud DistributionCerberus PRO EN X200 Cloud Distribution IP7Cerberus PRO UL Compact Panel FC922/924Sinteso FS20 EN Fire Panel FC20 MP8Cerberus PRO EN Fire Panel FC72x IP7Desigo Fire Safety UL X300 Cloud DistributionSinteso FS20 EN Engineering ToolCerberus PRO EN Engineering ToolSinteso FS20 EN X300 Cloud Distribution MP8Sinteso FS20 EN Fire Panel FC20 MP7Cerberus PRO EN Fire Panel FC72x IP8Cerberus PRO EN X300 Cloud Distribution IP7Desigo Fire Safety UL Engineering ToolCerberus PRO UL Engineering ToolCerberus PRO EN Fire Panel FC72x IP6Sinteso FS20 EN X300 Cloud Distribution MP7sinteso_fs20_en_engineering_toolcerberus_pro_en_x300_cloud_distributioncerberus_pro_ul_engineering_toolcerberus_pro_en_engineering_tooldesigo_fire_safety_ul_engineering_toolcerberus_pro_ul_compact_panelsinteso_fs20_en_x300_cloud_distributionsinteso_fs20_en_fire_panel_fc20cerberus_pro_ul_x300_cloudcerberus_pro_en_x200_cloud_distributionsinteso_mobilesinteso_fs20_en_x200_cloud_distributiondesigo_fire_safety_ul_compact_panelcerberus_pro_en_fire_panel_fc72x
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-27788
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.42%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 13:51
Updated-02 Apr, 2025 | 12:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Ruby JSON Parser has Out-of-bounds Read

JSON is a JSON implementation for Ruby. Starting in version 2.10.0 and prior to version 2.10.2, a specially crafted document could cause an out of bound read, most likely resulting in a crash. Versions prior to 2.10.0 are not vulnerable. Version 2.10.2 fixes the problem. No known workarounds are available.

Action-Not Available
Vendor-Ruby
Product-javascript_object_notationjson
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-5610
Matching Score-4
Assigner-FreeBSD
ShareView Details
Matching Score-4
Assigner-FreeBSD
CVSS Score-7.5||HIGH
EPSS-4.02% / 88.21%
||
7 Day CHG~0.00%
Published-29 Aug, 2019 | 21:37
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length from a type-length-value encoding. A remote user could cause an out-of-bounds read or trigger a crash of the software such as bsnmpd resulting in a denial of service.

Action-Not Available
Vendor-n/aFreeBSD FoundationNetApp, Inc.
Product-freebsdclustered_data_ontapFreeBSD
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-21479
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.40%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-26 Nov, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Audio

Transient DOS during music playback of ALAC content.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_8_gen_1_mobile_platformtalynplus_firmwarewsa8830qam8255p_firmwaresa6150p_firmwaresa8145p_firmwareqcs610qca8337qam8650pqfw7124qam8775pqamsrv1msnapdragon_865_5g_mobile_platformqcn6224_firmwarewcn3950_firmwaresa8150p_firmwarevideo_collaboration_vc3_platformsnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarewcd9370qca6426qca6584au_firmwarewcn3990_firmwareqca9377qamsrv1hsa8530pqam8295pwcn3950talynplusqamsrv1h_firmwaresd_8_gen1_5g_firmwarewcn3660bqam8295p_firmwaresa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemqca6320_firmwarewcn3680b_firmwaresnapdragon_835_mobile_pc_platform_firmwaresnapdragon_4_gen_2_mobile_platformsdx55_firmwaresa7255pqca8081_firmwareqca6574au_firmwareqfw7114wcn3610_firmwareqca6436_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresa8620p_firmwaresa6155p_firmwareqca9367_firmwareqca6584auqca6310snapdragon_x72_5g_modem-rf_systemsa8775p_firmwareqca6698aqqca9367wcn3988_firmwareqcn9074srv1hsa6145p_firmwaresa7775p_firmwaresnapdragon_8\+_gen_1_mobile_platformwcd9340sa8195pfastconnect_6700_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)wsa8810_firmwareqcn6224sw5100qca6436wcd9335snapdragon_x75_5g_modem-rf_systemsa8255p_firmwaresa6155pqca8081snapdragon_auto_5g_modem-rf_gen_2qca6698aq_firmwaresa7775psnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341sxr2130_firmwaresa8770p_firmwaresa8255pqam8775p_firmwareqca6696_firmwarear8035sa8150pqcc710_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewcn3988wsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresa8295p_firmwaresa8770pwcn3610wcd9380_firmwareqca8337_firmwarewcn3990sw5100psd865_5gsnapdragon_w5\+_gen_1_wearable_platformfastconnect_6800snapdragon_835_mobile_pc_platformsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresa8530p_firmwarewsa8835sa8540p_firmwaresd_8_gen1_5gwcd9380qcn6274snapdragon_wear_4100\+_platform_firmwaresnapdragon_x72_5g_modem-rf_system_firmwarefastconnect_6700qcs410sxr2130snapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_wear_4100\+_platformvideo_collaboration_vc3_platform_firmwareqca6310_firmwarewcn3980wcd9335_firmwareqfw7114_firmwaresa8650psa9000pwcd9340_firmwarewsa8815qca6320snapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwaresa8775psd835wcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6391sa8295pfastconnect_7800wcn6740_firmwareqcn6274_firmwaresnapdragon_xr2_5g_platformqcs4490_firmwarewsa8832_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900srv1h_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)fastconnect_6900_firmwarevideo_collaboration_vc1_platform_firmwareqca6574ausa8155p_firmwaresa7255p_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810sa8620pwsa8832sw5100p_firmwaresa8540psnapdragon_8_gen_1_mobile_platform_firmwareqcs610_firmwaresrv1m_firmwareqamsrv1m_firmwaresa6145pwcn3680bsd835_firmwareqam8650p_firmwareqcc710qcs4490sa8145pwcn6740qca6696qca6391_firmwarewcd9370_firmwaresdx55sa6150psa8155pvideo_collaboration_vc1_platformsrv1msnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareqfw7124_firmwareqam8255par8035_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaretalynplus_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwaresa6150p_firmwarewcd9380_firmwaresa8145p_firmwaresa8530p_firmwareqcn6224_firmwarewcn3950_firmwaresa8540p_firmwaresa8150p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareqca6584au_firmwarewcn3990_firmwareqca6310_firmwarewcd9335_firmwareqfw7114_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwarewcd9340_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwaresa9000p_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3680b_firmwareqca8081_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwareqca6436_firmwarewcn6740_firmwaresa8620p_firmwaresa6155p_firmwareqca9367_firmwareqcn6274_firmwareqcs4490_firmwaresa8775p_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwaresa7775p_firmwarefastconnect_6700_firmwaresa7255p_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwaresa8255p_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwaresd835_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqca6391_firmwarewcd9370_firmwareqcc710_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-20290
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-8.72% / 92.30%
||
7 Day CHG-1.63%
Published-07 Feb, 2024 | 16:16
Updated-13 Feb, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software and consuming available system resources. For a description of this vulnerability, see the ClamAV blog .

Action-Not Available
Vendor-Fedora ProjectCisco Systems, Inc.
Product-secure_endpointsecure_endpoint_private_cloudfedoraCisco Secure EndpointCisco Secure Endpoint Private Cloud Administration PortalCisco Secure Endpoint Private Cloud Console
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-20505
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-4||MEDIUM
EPSS-0.80% / 73.71%
||
7 Day CHG-0.09%
Published-04 Sep, 2024 | 21:23
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClamAV Memory Handling DoS

A vulnerability in the PDF parsing module of Clam AntiVirus (ClamAV) versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to an out of bounds read. An attacker could exploit this vulnerability by submitting a crafted PDF file to be scanned by ClamAV on an affected device. An exploit could allow the attacker to terminate the scanning process.

Action-Not Available
Vendor-Cisco Systems, Inc.ClamAV
Product-clamavClamAV
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-20687
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.5||HIGH
EPSS-4.93% / 89.39%
||
7 Day CHG~0.00%
Published-09 Jan, 2024 | 17:57
Updated-17 Jun, 2025 | 20:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft AllJoyn API Denial of Service Vulnerability

Microsoft AllJoyn API Denial of Service Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607windows_11_23h2Windows 10 Version 1507Windows Server 2019Windows 11 version 22H3Windows 10 Version 1809Windows Server 2019 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2016Windows Server 2016 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-20127
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-2.00% / 83.34%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 03:06
Updated-22 Apr, 2025 | 13:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2023.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6989mt8771mt6885mt6889mt6768mt6855mt6886mt8321mt6873mt8678mt6897mt8766rmt8768mt6878mt6833mt8788emt8781mt6739mt8797mt6761mt8666mt6789mt6985mt8766mt8667mt8863tmt6580mt8798mt6785mt6877mt8765mt8786mt6781mt6779mt6893mt6765mt6835mt8673mt6896mt6853androidmt6983mt6879mt6883mt6895mt8788mt8791tMT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6896, MT6897, MT6983, MT6985, MT6989, MT8321, MT8666, MT8667, MT8673, MT8678, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8781, MT8786, MT8788, MT8788E, MT8791T, MT8797, MT8798, MT8863Tmt6896mt6855mt6873mt6893mt8765mt8788emt6580mt6886mt8788mt8791tmt6983mt8666mt6878mt6765mt6883mt6835mt6739mt8768mt6761mt8797mt6889mt8321mt6768mt8766rmt8781mt8766mt8786mt8678mt6985mt6833mt6885mt8673mt8863tmt6989mt6877mt6781mt6853mt8667mt6895mt6789mt8798mt6779mt6897mt6785mt8771mt6879
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-5146
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.6||HIGH
EPSS-0.45% / 62.95%
||
7 Day CHG~0.00%
Published-25 Jan, 2020 | 17:53
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.

Action-Not Available
Vendor-n/aAdvanced Micro Devices, Inc.VMware (Broadcom Inc.)
Product-workstationatidxx64AMD
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-20129
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.74% / 82.15%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 03:06
Updated-13 Mar, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2025.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6886mt6765mt8791tmt8678mt6835mt8673mt8667mt6893mt6889mt6789mt6761androidmt6896mt8781mt6781mt6877mt8321mt8798mt8765mt6983mt6855mt6883mt6853mt6779mt6895mt6785mt8863tmt6739mt8766rmt8788mt8768mt6989mt8797mt8786mt6873mt6580mt8766mt8666mt6833mt6878mt6985mt6768mt6885mt8771mt8788emt6879mt6897MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6896, MT6897, MT6983, MT6985, MT6989, MT8321, MT8666, MT8667, MT8673, MT8678, MT8765, MT8766, MT8766R, MT8768, MT8771, MT8781, MT8786, MT8788, MT8788E, MT8791T, MT8797, MT8798, MT8863Tmt6886mt6765mt8791tmt8678mt6835mt8673mt8667mt6893mt6889mt6789mt6761mt6896mt8781mt6781mt6877mt8321mt8798mt8765mt6983mt6855mt6883mt6853mt6779mt6895mt6785mt8863tmt6739mt8766rmt8788mt8768mt6989mt8797mt8786mt6873mt6580mt8766mt8666mt6833mt6878mt6985mt6768mt6885mt8771mt8788emt6879mt6897
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-5148
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.51% / 65.72%
||
7 Day CHG~0.00%
Published-25 Feb, 2020 | 15:57
Updated-04 Aug, 2024 | 19:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable denial-of-service vulnerability exists in ServiceAgent functionality of the Moxa AWK-3131A, firmware version 1.13. A specially crafted packet can cause an integer underflow, triggering a large memcpy that will access unmapped or out-of-bounds memory. An attacker can send this packet while unauthenticated to trigger this vulnerability.

Action-Not Available
Vendor-n/aMoxa Inc.
Product-awk-3131aawk-3131a_firmwareMoxa
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 11
  • 12
  • Next
Details not found