Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-30546

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-26 Apr, 2023 | 18:14
Updated At-30 Jan, 2025 | 21:31
Rejected At-
Credits

Contiki-NG has off-by-one error in Antelope DBMS

Contiki-NG is an operating system for Internet of Things devices. An off-by-one error can be triggered in the Antelope database management system in the Contiki-NG operating system in versions 4.8 and prior. The problem exists in the Contiki File System (CFS) backend for the storage of data (file os/storage/antelope/storage-cfs.c). In the functions `storage_get_index` and `storage_put_index`, a buffer for merging two strings is allocated with one byte less than the maximum size of the merged strings, causing subsequent function calls to the cfs_open function to read from memory beyond the buffer size. The vulnerability has been patched in the "develop" branch of Contiki-NG, and is expected to be included in the next release. As a workaround, the problem can be fixed by applying the patch in Contiki-NG pull request #2425.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:26 Apr, 2023 | 18:14
Updated At:30 Jan, 2025 | 21:31
Rejected At:
▼CVE Numbering Authority (CNA)
Contiki-NG has off-by-one error in Antelope DBMS

Contiki-NG is an operating system for Internet of Things devices. An off-by-one error can be triggered in the Antelope database management system in the Contiki-NG operating system in versions 4.8 and prior. The problem exists in the Contiki File System (CFS) backend for the storage of data (file os/storage/antelope/storage-cfs.c). In the functions `storage_get_index` and `storage_put_index`, a buffer for merging two strings is allocated with one byte less than the maximum size of the merged strings, causing subsequent function calls to the cfs_open function to read from memory beyond the buffer size. The vulnerability has been patched in the "develop" branch of Contiki-NG, and is expected to be included in the next release. As a workaround, the problem can be fixed by applying the patch in Contiki-NG pull request #2425.

Affected Products
Vendor
contiki-ng
Product
contiki-ng
Versions
Affected
  • <= 4.8
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125: Out-of-bounds Read
CWECWE-193CWE-193: Off-by-one Error
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-193
Description: CWE-193: Off-by-one Error
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-257g-w39m-5jj4
x_refsource_CONFIRM
https://github.com/contiki-ng/contiki-ng/pull/2425
x_refsource_MISC
Hyperlink: https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-257g-w39m-5jj4
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/contiki-ng/contiki-ng/pull/2425
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-257g-w39m-5jj4
x_refsource_CONFIRM
x_transferred
https://github.com/contiki-ng/contiki-ng/pull/2425
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-257g-w39m-5jj4
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://github.com/contiki-ng/contiki-ng/pull/2425
Resource:
x_refsource_MISC
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:26 Apr, 2023 | 19:15
Updated At:09 May, 2023 | 14:27

Contiki-NG is an operating system for Internet of Things devices. An off-by-one error can be triggered in the Antelope database management system in the Contiki-NG operating system in versions 4.8 and prior. The problem exists in the Contiki File System (CFS) backend for the storage of data (file os/storage/antelope/storage-cfs.c). In the functions `storage_get_index` and `storage_put_index`, a buffer for merging two strings is allocated with one byte less than the maximum size of the merged strings, causing subsequent function calls to the cfs_open function to read from memory beyond the buffer size. The vulnerability has been patched in the "develop" branch of Contiki-NG, and is expected to be included in the next release. As a workaround, the problem can be fixed by applying the patch in Contiki-NG pull request #2425.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
contiki-ng
contiki-ng
>>contiki-ng>>Versions up to 4.8(inclusive)
cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarysecurity-advisories@github.com
CWE-193Primarysecurity-advisories@github.com
CWE ID: CWE-125
Type: Primary
Source: security-advisories@github.com
CWE ID: CWE-193
Type: Primary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/contiki-ng/contiki-ng/pull/2425security-advisories@github.com
Patch
https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-257g-w39m-5jj4security-advisories@github.com
Vendor Advisory
Hyperlink: https://github.com/contiki-ng/contiki-ng/pull/2425
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-257g-w39m-5jj4
Source: security-advisories@github.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

569Records found
CVE-2002-0083
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-4.08% / 88.08%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

Action-Not Available
Vendor-conectivaimmunixtrustixengardelinuxopenpkgn/aSUSEOpenBSDRed Hat, Inc.Mandriva (Mandrakesoft)
Product-opensshmandrake_linux_corporate_serveropenpkgimmunixsuse_linuxmandrake_single_network_firewalllinuxsecure_linuxmandrake_linuxn/a
CWE ID-CWE-193
Off-by-one Error
CVE-2017-12896
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.06% / 83.17%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcapRed Hat, Inc.
Product-enterprise_linux_desktopdebian_linuxenterprise_linux_serverenterprise_linux_server_austcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-26000
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-5.9||MEDIUM
EPSS-0.18% / 39.69%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 08:11
Updated-16 Apr, 2025 | 15:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PHOENIX CONTACT: Out of bounds read only memory access

An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-charx_sec-3000_firmwarecharx_sec-3000charx_sec-3150_firmwarecharx_sec-3150charx_sec-3050charx_sec-3100_firmwarecharx_sec-3050_firmwarecharx_sec-3100CHARX SEC-3150CHARX SEC-3100CHARX SEC-3050CHARX SEC-3000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-13687
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.06% / 83.17%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcap
Product-debian_linuxtcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2001-0609
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-9.91% / 92.71%
||
7 Day CHG~0.00%
Published-27 Jul, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.

Action-Not Available
Vendor-infodromn/a
Product-cfingerdn/a
CWE ID-CWE-193
Off-by-one Error
CVE-2017-13139
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.95% / 75.45%
||
7 Day CHG~0.00%
Published-23 Aug, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, the ReadOneMNGImage function in coders/png.c has an out-of-bounds read with the MNG CLIP chunk.

Action-Not Available
Vendor-n/aDebian GNU/LinuxCanonical Ltd.ImageMagick Studio LLC
Product-ubuntu_linuxdebian_linuximagemagickn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-23526
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-5.3||MEDIUM
EPSS-1.61% / 81.01%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-23529
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-5.3||MEDIUM
EPSS-1.61% / 81.01%
||
7 Day CHG~0.00%
Published-19 Apr, 2024 | 01:10
Updated-06 May, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory.

Action-Not Available
Vendor-Ivanti Software
Product-avalancheAvalancheavalanche
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-13725
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.06% / 83.17%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcap
Product-debian_linuxtcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-12987
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.06% / 83.17%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcapRed Hat, Inc.
Product-enterprise_linux_desktopdebian_linuxenterprise_linux_serverenterprise_linux_server_austcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-1999-0006
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-8.24% / 91.87%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-qpoppern/aqpopper
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-23086
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.13% / 33.83%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 00:00
Updated-18 Jun, 2025 | 18:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal.DoubleModMath::modPow(double. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification.

Action-Not Available
Vendor-mikkotommilan/amtommila
Product-apfloatn/aapfloat
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-13028
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.01% / 76.15%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcap
Product-debian_linuxtcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-43537
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.09% / 26.68%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 10:05
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host

Information disclosure while handling T2LM Action Frame in WLAN Host.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214qca8386_firmwarewsa8845_firmwarewsa8832ipq9574qca8082_firmwareqcc2076_firmwareqcn9000_firmwareqca6595qcn9022immersive_home_216ipq6028_firmwareqca8081_firmwarear8035_firmwareqca6696qcn5022_firmwarewsa8830_firmwarewcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024qca4024_firmwareqca0000_firmwareqcc2073_firmwareqcc710_firmwareipq8076ipq9008qca6564auipq6018_firmwareqcn6023ipq9008_firmwareqcn9074qcn5124_firmwarewsa8832_firmwareqca8337_firmwareqca8337qca9888wcd9395ipq6000qcn9013ipq8173ipq8072a_firmwareipq8078aqca6574au_firmwareipq8078a_firmwareipq6010_firmwareqca6574auwcd9390wsa8845h_firmwareqcn6112_firmwareflight_rb5_5gqcn9100_firmwareqcn5122ipq5028qca8085_firmwareqcn9070_firmwareqca6554aqcn6024_firmwareqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qca6584auqcn6274_firmwareqcn9000ssg2115pqcc710qcn6132_firmwareqfw7114_firmwareqca4024qca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900immersive_home_214_firmwareimmersive_home_326_firmwareqcn5052qfw7114ipq8070awcd9385_firmwareipq9574_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sxr2230pipq8074a_firmwareipq8076aqcn5164snapdragon_x65_5g_modem-rfimmersive_home_3210qca8075_firmwareqcf8000wsa8845qcn5052_firmwareqca6564au_firmwarecsr8811_firmwaresxr1230pqca8075video_collaboration_vc5_platform_firmwareqca8085ipq6010sdx65m_firmwareqca6595auwsa8840qcs8550_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwarewcd9385qcn9012ipq8070a_firmwareqcn9070qca8084_firmwareqca8084qcs7230_firmwaresxr1230p_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobileqcn5024sdx65msdx55_firmwareimmersive_home_326ipq8071a_firmwareqcc2076flight_rb5_5g_firmwaressg2125pqca6554a_firmwareqca6574aipq9570snapdragon_8\+_gen_2_mobileipq6028snapdragon_x65_5g_modem-rf_firmwarewcd9340qcn9100qcs8250_firmwarerobotics_rb5qcn6122_firmwareqcn5154_firmwareqcn9013_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550qcn5122_firmwareqcn9274ipq8076_firmwareqca6584au_firmwareipq8076a_firmwareqcn5152_firmwareqca6574qcn6274qcn9024qfw7124ipq9570_firmwareqca6391_firmwareqca0000qca6595au_firmwareqrb5165n_firmwaresxr2230p_firmwarewsa8835wsa8840_firmwareqca6696_firmwareqcn9024_firmwarewsa8845hwcd9380_firmwareqca8082qca6574_firmwareqca8081qcn5124snapdragon_ar2_gen_1_firmwarewsa8830sm8550pqcf8000_firmwareqcn5152snapdragon_x75_5g_modem-rfqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122ipq8174_firmwareqcc2073ar8035ipq8072aqca6574a_firmwareqcn9072_firmwaresdx55qca9888_firmwareimmersive_home_216_firmwareipq8074aimmersive_home_3210_firmwareqca9889immersive_home_316qcn5024_firmwareqca8386qca6391immersive_home_318ipq5010ipq8071aqcn6224ipq8173_firmwareqcn6112qcn9012_firmwareqcn9274_firmwaressg2125p_firmwareqrb5165nqcs8550ipq6000_firmwarefastconnect_7800snapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwareqca9889_firmwaresnapdragon_ar2_gen_1immersive_home_316_firmwareqcn5154qcn6023_firmwareqcn5164_firmwaresnapdragon_x75_5g_modem-rf_firmwaressg2115p_firmwarewsa8835_firmwarecsr8811ipq8078qcn5022qcs8250qcn9072qcn6224_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-22011
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.5||HIGH
EPSS-0.50% / 65.05%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 18:55
Updated-26 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ss_ProcessRejectComponent of ss_MmConManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-12902
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.06% / 83.17%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcapRed Hat, Inc.
Product-enterprise_linux_desktopdebian_linuxenterprise_linux_serverenterprise_linux_server_austcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-13020
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.06% / 83.17%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcap
Product-debian_linuxtcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-13024
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-2.06% / 83.17%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 06:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print().

Action-Not Available
Vendor-n/aDebian GNU/Linuxtcpdump & libpcap
Product-debian_linuxtcpdumpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-11306
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-17.15% / 94.74%
||
7 Day CHG~0.00%
Published-19 May, 2018 | 17:00
Updated-05 Aug, 2024 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAdobe Acrobat and Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-11253
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-17.15% / 94.74%
||
7 Day CHG~0.00%
Published-19 May, 2018 | 17:00
Updated-05 Aug, 2024 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAdobe Acrobat and Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-21467
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 28.54%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-26 Nov, 2024 | 15:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

Information disclosure while handling beacon probe frame during scan entry generation in client side.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareipq8173_firmwareqca6431_firmwareqcf8001qam8775pqamsrv1mqcn5124qca4024_firmwareimmersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwareqca6554a_firmwareqcn6024_firmwareqca8386_firmwareipq8076aimmersive_home_316_platform_firmwareqca8084_firmwareqcn6412qcn5164_firmwareqca6574au_firmwareqcn6422_firmwareqca8081_firmwareipq8078a_firmwareqca6678aq_firmwareipq5028sa4155p_firmwareqca6698aqqcf8001_firmwareqca0000ipq6010sdx65msa7775p_firmwareqcn6432snapdragon_870_5g_mobile_platform_\(sm8250-ac\)qcn6132sw5100qca6436sa6155pqcf8000qca6698aq_firmwareipq5312snapdragon_auto_5g_modem-rf_gen_2_firmwareqcn6122sa8255pqca9888_firmwareqam8775p_firmwareqca6431qca6696_firmwareipq9008_firmwareqcn5154_firmwarewsa8830_firmwarewcn3988sa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresa8770pwcd9380_firmwareipq8072asw5100pipq8076a_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca8084qca6564auipq8078ipq8173ipq9008qcn5164snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwareqca6574qcn6402_firmwarecsr8811_firmwarewcd9380ipq9554_firmwareqcn5024wcn3980qcn5052_firmwareqcn9274_firmwareqcc2073_firmwareipq6018_firmwarewsa8815qcn6112qca6426_firmwareipq6028qcn9024ipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq5302qca6421_firmwaresnapdragon_x65_5g_modem-rf_systemqca6678aqsa8650p_firmwareipq8078_firmwarefastconnect_6900snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)fastconnect_6900_firmwareqcn9024_firmwaresa7255p_firmwareipq8174_firmwaresa8620pqcn6412_firmwaresw5100p_firmwareipq5332ipq5302_firmwareqamsrv1m_firmwareimmersive_home_326_platformipq6018immersive_home_214_platformqca6595_firmwareqca6391_firmwaresa4150p_firmwareimmersive_home_214_platform_firmwareqca4024sdx55qcn6402sa8155psrv1mqam8255psa4155pqcn5024_firmwarewsa8830qcn9070qam8650psnapdragon_865_5g_mobile_platformqcn9072qca8082qca8386ipq6000qcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwareqcn9000_firmwareqamsrv1hipq9554wcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformqamsrv1h_firmwareipq8074aimmersive_home_318_platformqcn5124_firmwaresa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemqca8082_firmwaresdx55_firmwaresa7255pqcn5122_firmwareqca6595auqcn6023_firmwareqca6436_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareipq5010qca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcn9274sa8775p_firmwareipq8174qcn5052qcn6112_firmwarewcn3988_firmwareqcn9074srv1hqca8085qca6421sa8195pwsa8810_firmwaresa8255p_firmwareqca8081snapdragon_auto_5g_modem-rf_gen_2qcn6023sdx65m_firmwaresa7775pipq8071aipq8071a_firmwareimmersive_home_3210_platformwcd9385sa8770p_firmwareqca8085_firmwareipq5300ipq9570csr8811qcn9100_firmwareipq5010_firmwarewsa8815_firmwareipq8074a_firmwarewsa8835_firmwaresa4150pqcn9000qcf8000_firmwareqca6554afastconnect_6800qca6595immersive_home_326_platform_firmwarewsa8835qcn6122_firmwareqcn6422qcn5154qca8075_firmwareqca6574aqca9889qcn6132_firmwareqca9888qcc2076_firmwareipq8070a_firmwareipq8076_firmwaresa8650psa9000pqca6574_firmwareipq8076qca6175asa8775pqcn5152qca6574a_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6391fastconnect_7800qcn9100ipq5300_firmwareipq9570_firmwareqcn9070_firmwaresrv1h_firmwareipq8072a_firmwareipq6028_firmwareqcn6432_firmwareipq5312_firmwareqca6574ausa8155p_firmwareqca9889_firmwareqcn5122ipq9574fastconnect_7800_firmwarewsa8810ipq5332_firmwaresrv1m_firmwareqcn5022qam8650p_firmwareipq6010_firmwareqca6696qcn9022_firmwareqca8075qcn9022qcn6024qcc2076ipq8070aqcn9072_firmwareipq6000_firmwaresw5100_firmwareqcn9074_firmwareqcc2073qca6175a_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwarewcd9380_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwareqca6431_firmwareqca4024_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareqcn6402_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareipq9554_firmwareqca8075_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqca6584au_firmwareqcn9000_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqca6554a_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwareqca8084_firmwareqcn5124_firmwareqca6426_firmwareqca8082_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareimmersive_home_3210_platform_firmwareqca6436_firmwareqca6421_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareqca6678aq_firmwaresa8775p_firmwareipq5300_firmwareipq8078_firmwaresa4155p_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwareqcf8001_firmwarefastconnect_6900_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwarewcn3988_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwaresa8155p_firmwaresa7775p_firmwareqcn9024_firmwareipq8174_firmwaresa7255p_firmwarewsa8810_firmwarefastconnect_7800_firmwaresa8255p_firmwareqcn6412_firmwaresw5100p_firmwareipq5332_firmwareipq5302_firmwareqca6698aq_firmwareqamsrv1m_firmwaresdx65m_firmwaresrv1m_firmwareipq8071a_firmwareqam8650p_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqca6391_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwaresa4150p_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwareqcn9072_firmwareipq6000_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwareqca6175a_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-22474
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 46.37%
||
7 Day CHG~0.00%
Published-28 Oct, 2021 | 12:24
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Out-of-bounds memory access in Huawei Smartphone.Successful exploitation of this vulnerability may cause process exceptions.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-21457
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.11% / 30.23%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 14:17
Updated-01 Aug, 2024 | 22:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

INformation disclosure while handling Multi-link IE in beacon frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwareqcn9070qca8337qam8650pqfw7124ipq8173_firmwareqam8775pqcf8001qamsrv1mqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000qcn5152_firmwareqca0000_firmwareqca6584au_firmwareqcn9000_firmwareipq9554qamsrv1hqca6554a_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqamsrv1h_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn6412qcn5124_firmwareqca8082_firmwaresa9000p_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114sa7255psdx55_firmwareipq5010qca6564au_firmwareqca6584ausa8620p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareqcn9274qca6678aq_firmwaresnapdragon_x72_5g_modem-rf_systemsa8775p_firmwareipq8174ipq5028qca6698aqqcn5052qca0000qcf8001_firmwareipq6010qcn6112_firmwareqcn9074srv1hqca8085sa7775p_firmwaresdx65mwcd9340qcn6132qcn6224sa8255p_firmwaresnapdragon_x75_5g_modem-rf_systemqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sa7775psdx65m_firmwareipq5312ipq8071a_firmwaresnapdragon_auto_5g_modem-rf_gen_2immersive_home_3210_platformqca8085_firmwareipq5300qam8775p_firmwareqca9888_firmwareqcn6122qca6696_firmwaresa8255psa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq9008_firmwareipq9570qcn5154_firmwarear8035csr8811qcc710_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresa8770pqca8337_firmwareqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173ipq9008qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574qcn6402_firmwarecsr8811_firmwareqcn6274qcn6422ipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqcn5154qca8075_firmwareqca6574aqcn5024qca9889qcn6132_firmwareqca9888qcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwareqcc2073_firmwareipq6018_firmwareipq8076_firmwaresa8650pqca6574_firmwaresa9000pwcd9340_firmwareqcn6112ipq8076qca6574a_firmwareqcn5152ipq6028sa8775pqcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwareipq5302fastconnect_7800qcn9100qcn6274_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemipq5300_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6432_firmwareipq5312_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwaresa7255p_firmwarefastconnect_7800_firmwaresa8620pqcn6412_firmwareipq5332_firmwareipq5332ipq5302_firmwareimmersive_home_326_platformqamsrv1m_firmwareipq6018qcn5022srv1m_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwareqca6696immersive_home_214_platform_firmwareqca4024sdx55qca8075qcn6402qcn9022_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwaresrv1mqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073qcn6432ar8035_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwareqca8337_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareqcn6402_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqca6584au_firmwareqcn9000_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqca6554a_firmwareqfw7114_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwareqca8084_firmwarewcd9340_firmwareqcn5124_firmwareqca8082_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6564au_firmwaresa8620p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareqca6678aq_firmwareqcn6274_firmwaresa8775p_firmwareipq5300_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcf8001_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwaresa7775p_firmwareqcn9024_firmwareipq8174_firmwaresa7255p_firmwarefastconnect_7800_firmwaresa8255p_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwareqca6698aq_firmwareqamsrv1m_firmwaresdx65m_firmwaresrv1m_firmwareipq8071a_firmwareqam8650p_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-4458
Matching Score-4
Assigner-Fedora Project
ShareView Details
Matching Score-4
Assigner-Fedora Project
CVSS Score-4||MEDIUM
EPSS-0.18% / 39.98%
||
7 Day CHG~0.00%
Published-14 Nov, 2024 | 12:09
Updated-19 Aug, 2025 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: ksmbd: smb2_open out-of-bounds read information disclosure vulnerability

A flaw was found within the parsing of extended attributes in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose sensitive information on affected installations of Linux. Only systems with ksmbd enabled are vulnerable to this CVE.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.
Product-linux_kernelRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-1869
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 26.93%
||
7 Day CHG~0.00%
Published-01 Mar, 2024 | 21:31
Updated-23 Aug, 2024 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220.

Action-Not Available
Vendor-HP Inc.
Product-HP DesignJetdesignjet_t120designjet_t520_36indesignjet_t520_24in
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2271
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 58.26%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996aumdm915_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605mdm915msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwaresdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremsm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-11403
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.9||MEDIUM
EPSS-0.17% / 38.46%
||
7 Day CHG+0.02%
Published-25 Nov, 2024 | 13:08
Updated-23 Jul, 2025 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds Memory Read/Write in libjxl

There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame on untrusted input) does not properly check bounds in the presence of incomplete codes. This could lead to an out-of-bounds write. In jpegli which is released as part of the same project, the same vulnerability is present. However, the relevant buffer is part of a bigger structure, and the code makes no assumptions on the values that could be overwritten. The issue could however cause jpegli to read uninitialised memory, or addresses of functions.

Action-Not Available
Vendor-libjxl_projectlibjxl
Product-libjxllibjxl
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-11131
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 49.05%
||
7 Day CHG+0.04%
Published-19 Mar, 2025 | 02:15
Updated-19 Mar, 2025 | 14:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability regarding out-of-bounds read is found in the video interface. This allows remote attackers to execute arbitrary code via unspecified vectors. The following models with Synology Camera Firmware versions before 1.2.0-0525 may be affected: BC500, CC400W and TC500.

Action-Not Available
Vendor-Synology, Inc.
Product-Camera Firmware
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1970
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.16%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to lack of length check of FT sub-elements in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610qcs2290_firmwareqca8337csrb31024sd_636csra6620qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155qca6335sd690_5gsd730_firmwarewcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwaresa415mwcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwaresm4125sd720gwcd9326_firmwarewcn3615_firmwarewcn3950sd662sd710_firmwaresd460_firmwaresa8155qca6320_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615sm7250p_firmwarewcn3998_firmwarewcn3999_firmwareqca6420apq8053_firmwareqca6436_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca6310sd778gwcn3999sa515m_firmwaresdxr2_5gqcs6125sa8155_firmwaresd662_firmwaresdm630sa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwarewcd9340sa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qcs4290_firmwarewcd9385wcd9341qca6696_firmwarewcd9371sd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sa8150psd750g_firmwaresm6250_firmwarewcd9375msm8953_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwaresd888sd670_firmwareqca6574wsa8835sd665_firmwarewcd9380sd888_5gsm6250pqca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6335_firmwaresa515mqca6574_firmwarewcd9340_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665wcn3910qca6320wcn6850wsa8815qca6175asd_8c_firmwareqca6426_firmwaresd765qca6574a_firmwaresd768g_firmwaresd835wcn3980_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290sdx50msd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd710sd_636_firmwaresd670qca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwarewcn6856sd_8csa6145pwcn3680bsd835_firmwareqca6564_firmwaresdxr1sd768gar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696sdm630_firmwareqca6391_firmwaresd845_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55apq8053sa8155pcsra6640sd675sd845sm7250psd720g_firmwareqca6175a_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2021-0516
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-1.55% / 80.65%
||
7 Day CHG~0.00%
Published-21 Jun, 2021 | 16:01
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181660448

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-43555
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.09% / 27.08%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 10:05
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Video

Information disclosure in Video while parsing mp2 clip with invalid section length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsw5100pwsa8832wsa8845_firmwaresnapdragon_480_5g_mobileqcs610_firmwaresxr2130_firmwarewcd9370snapdragon_860_mobile_firmwareqca6696snapdragon_778g\+_5g_mobilewcd9341_firmwarewcd9395_firmwaresd888_firmwareqca6426wcn6740_firmwarefastconnect_6700qca6564auwcn3610snapdragon_780g_5g_mobilesnapdragon_685_4g_mobileqcn9074snapdragon_782g_mobile_firmwarewsa8815_firmwaresnapdragon_wear_4100\+_firmwaresa8195p_firmwarewsa8832_firmwareqca6426_firmwarewcd9395qcm6490_firmwareqca6574au_firmwaresnapdragon_690_5g_mobile_firmwaresm7250p_firmwareqam8295pwcd9341qcm4490_firmwareqca6574ausnapdragon_820_automotivewcd9390snapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwaresd730_firmwarewsa8845h_firmwaresnapdragon_870_5g_mobile_firmwaresnapdragon_778g_5g_mobile_firmwaresnapdragon_730g_mobile_firmwarewcn3660b_firmwaresnapdragon_7c\+_gen_3_computesd730snapdragon_732g_mobilesnapdragon_690_5g_mobilefastconnect_6800_firmwareqcs5430snapdragon_778g\+_5g_mobile_firmwaresnapdragon_820_automotive_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesnapdragon_720g_mobileqcm5430sm6250_firmwaresm7250pqcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresd888snapdragon_xr2_5g_firmwaresw5100_firmwarewcn6740snapdragon_768g_5g_mobilesnapdragon_780g_5g_mobile_firmwarefastconnect_6800snapdragon_wear_4100\+qcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsnapdragon_865_5g_mobile_firmwaresnapdragon_730_mobile_firmwarewcd9385_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwaresnapdragon_xr2_5gsnapdragon_8_gen_1_mobile_firmwaresa8150pqcs4490snapdragon_730_mobilesnapdragon_680_4g_mobilewsa8845msm8996au_firmwaresa6155pqca6564au_firmwarewsa8810video_collaboration_vc5_platform_firmwaresw5100snapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformaqt1000snapdragon_888_5g_mobilesnapdragon_4_gen_1_mobile_firmwaresm7315_firmware215_mobile_firmwaresa6155p_firmwaresnapdragon_662_mobile_firmwaresnapdragon_685_4g_mobile_firmwarewcd9326_firmwareqam8295p_firmwarewsa8840sd855qcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesm7315snapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqca6564a_firmwareqca6436_firmwaresnapdragon_4_gen_2_mobile_firmwaresnapdragon_888\+_5g_mobilewcd9385snapdragon_8_gen_1_mobilesnapdragon_695_5g_mobile_firmwarewcn3615qcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_680_4g_mobile_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3610_firmwareqcs7230_firmwarewcd9390_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileqca6420snapdragon_865\+_5g_mobileqca6430snapdragon_855\+_mobilewcd9370_firmwaresnapdragon_765_5g_mobilesnapdragon_860_mobilewcn3615_firmwarewcn3660bqca6574asnapdragon_8\+_gen_2_mobilesxr2130qcm4490sa8195pqcs8250_firmwaresnapdragon_480\+_5g_mobile_firmwaresm7325pqcm6490snapdragon_732g_mobile_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqca6420_firmwareaqt1000_firmwareqcm8550qcs6490_firmwaresnapdragon_662_mobilesnapdragon_765_5g_mobile_firmwarewcn3988sd855_firmwarewcn3980_firmwareqca6436wsa8835wsa8840_firmware215_mobileqca6391_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaresw5100p_firmwareqca6696_firmwarewsa8845hwcd9380_firmwaresa6150pwcd9326qcs410sa8155p_firmwarewsa8815qca6564asg4150psa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sm8550psa6145pqcn9074_firmwaresnapdragon_768g_5g_mobile_firmwareqcm4325_firmwareqca6574a_firmwaresnapdragon_4_gen_1_mobilemsm8996ausnapdragon_4_gen_2_mobilesnapdragon_720g_mobile_firmwaresnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwareqcm4325wcd9375_firmwareqca6391snapdragon_865\+_5g_mobile_firmwareqcs5430_firmwaresg4150p_firmwaresm6250wcn3950_firmwaresa8295pqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sa8145p_firmwaresm7325p_firmwarewcn3680bsd865_5g_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375sa8150p_firmwaresnapdragon_765g_5g_mobilewcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwsa8835_firmwareqcs6490qcs8250snapdragon_695_5g_mobilesnapdragon_855_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarewcn3980wsa8830_firmwaresnapdragon_460_mobile_firmwarewcn3680b_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragonqualcomm_video_collaboration_vc1_platform_firmwaresnapdragon_662_mobile_platform_firmwarewcd9380_firmwaresa6150p_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresa8145p_firmwaremsm8996au_firmwareqcs7230_firmwaresnapdragon_820_automotive_platform_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwaresd730_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareqcm5430_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6430_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarewcd9326_firmwarewcn3615_firmwareqcm4325_firmwaresm7325p_firmwarewsa8845_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwaresm7315_firmwareqca6574a_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcn3680b_firmwarefastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareaqt1000_firmwareqca6564au_firmwarewcn6740_firmwaresa6155p_firmwareqcm8550_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcs4490_firmwareqcm6490_firmwarewsa8840_firmwarewsa8832_firmwarefastconnect_6900_firmwareqcs8550_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwareqca6564a_firmwarewsa8810_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwarewcd9395_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarequalcomm_215_mobile_platform_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresm8550p_firmwaresm6250_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwarewcd9390_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwaresnapdragon_720g_mobile_platform_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2021-0431
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-1.56% / 80.73%
||
7 Day CHG~0.00%
Published-13 Apr, 2021 | 18:22
Updated-03 Aug, 2024 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174149901

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-44112
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.88%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 08:00
Updated-03 Sep, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds access vulnerability in the device authentication module. Successful exploitation of this vulnerability may affect confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUIharmonyosemui
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0925
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.47%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:05
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In rw_t4t_sm_detect_ndef of rw_t4t.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure due to a limited change in behavior based on the out of bounds data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-191444150

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9838
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.13% / 83.45%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 16:16
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5. A remote attacker may be able to cause arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osipadosiOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9717
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.86% / 85.72%
||
7 Day CHG~0.00%
Published-19 Aug, 2020 | 14:08
Updated-04 Aug, 2024 | 10:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-44114
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.08% / 24.44%
||
7 Day CHG~0.00%
Published-11 Oct, 2023 | 12:00
Updated-18 Sep, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds array vulnerability in the dataipa module.Successful exploitation of this vulnerability may affect service confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-44103
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.08% / 24.44%
||
7 Day CHG~0.00%
Published-11 Oct, 2023 | 11:51
Updated-18 Sep, 2024 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiHarmonyOSEMUI
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9719
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.13% / 83.45%
||
7 Day CHG~0.00%
Published-19 Aug, 2020 | 14:11
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9627
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.40% / 84.44%
||
7 Day CHG+0.62%
Published-26 Jun, 2020 | 20:05
Updated-04 Aug, 2024 | 10:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-dng_software_development_kitmacoswindowsAdobe DNG Software Development Kit (SDK)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9628
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.40% / 84.44%
||
7 Day CHG+0.62%
Published-26 Jun, 2020 | 20:04
Updated-04 Aug, 2024 | 10:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-dng_software_development_kitmacoswindowsAdobe DNG Software Development Kit (SDK)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9721
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.13% / 83.45%
||
7 Day CHG~0.00%
Published-19 Aug, 2020 | 14:13
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-11250
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-17.15% / 94.74%
||
7 Day CHG~0.00%
Published-19 May, 2018 | 17:00
Updated-05 Aug, 2024 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAdobe Acrobat and Reader 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, 11.0.22 and earlier versions
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-10467
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.30%
||
7 Day CHG+0.05%
Published-29 Oct, 2024 | 12:19
Updated-04 Nov, 2024 | 13:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory safety bugs present in Firefox 131, Firefox ESR 128.3, and Thunderbird 128.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Thunderbird < 128.4, and Thunderbird < 132.

Action-Not Available
Vendor-Mozilla Corporation
Product-firefoxthunderbirdFirefoxFirefox ESRThunderbirdfirefoxthunderbirdfirefox_esr
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-9828
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.28% / 51.04%
||
7 Day CHG~0.00%
Published-22 Oct, 2020 | 17:53
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to leak sensitive user information.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9837
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.5||HIGH
EPSS-0.76% / 72.44%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 16:16
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5. A remote attacker may be able to leak memory.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_ostvosmac_os_xipadostvOSmacOSiOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9705
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-2.86% / 85.72%
||
7 Day CHG~0.00%
Published-19 Aug, 2020 | 13:20
Updated-04 Aug, 2024 | 10:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-9723
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-1.78% / 81.94%
||
7 Day CHG~0.00%
Published-19 Aug, 2020 | 14:15
Updated-04 Aug, 2024 | 10:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-8794
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-86.79% / 99.39%
||
7 Day CHG~0.00%
Published-25 Feb, 2020 | 16:38
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce handling.

Action-Not Available
Vendor-opensmtpdn/aCanonical Ltd.Fedora ProjectDebian GNU/Linux
Product-opensmtpdubuntu_linuxdebian_linuxfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-4280
Matching Score-4
Assigner-Silicon Labs
ShareView Details
Matching Score-4
Assigner-Silicon Labs
CVSS Score-9.3||CRITICAL
EPSS-0.07% / 22.77%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 16:52
Updated-13 Jun, 2025 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unvalidated input in Silicon Labs TrustZone implementation leads to accessing Trusted memory region

An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.

Action-Not Available
Vendor-silabssilabs.com
Product-gecko_software_development_kitGSDK
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 11
  • 12
  • Next
Details not found