Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-31192

Summary
Assigner-Nozomi
Assigner Org ID-bec8025f-a851-46e5-b3a3-058e6b0aa23c
Published At-18 Sep, 2024 | 13:58
Updated At-18 Sep, 2024 | 15:38
Rejected At-
Credits

Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack. This issue affects libfluid: 0.1.0.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Nozomi
Assigner Org ID:bec8025f-a851-46e5-b3a3-058e6b0aa23c
Published At:18 Sep, 2024 | 13:58
Updated At:18 Sep, 2024 | 15:38
Rejected At:
▼CVE Numbering Authority (CNA)
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack. This issue affects libfluid: 0.1.0.

Affected Products
Vendor
Open Networking Foundation (ONF)
Product
libfluid
Collection URL
https://opennetworkingfoundation.github.io/libfluid/
Modules
  • libfluid_msg
Program Routines
  • fluid_msg::of13::GroupDesc::unpack
Default Status
unaffected
Versions
Affected
  • 0.1.0
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125 Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125 Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds

Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.

Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31192
N/A
Hyperlink: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31192
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
open_networking_foundation
Product
libfluid
CPEs
  • cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 0.1.0
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:prodsec@nozominetworks.com
Published At:18 Sep, 2024 | 14:15
Updated At:20 Sep, 2024 | 18:45

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack. This issue affects libfluid: 0.1.0.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CPE Matches
opennetworking
opennetworking
>>libfluid_msg>>0.1.0
cpe:2.3:a:opennetworking:libfluid_msg:0.1.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE-125Secondaryprodsec@nozominetworks.com
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-125
Type: Secondary
Source: prodsec@nozominetworks.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31192prodsec@nozominetworks.com
Third Party Advisory
Hyperlink: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31192
Source: prodsec@nozominetworks.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

545Records found
CVE-2024-31193
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31198
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.14% / 35.21%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:59
Updated-20 Sep, 2024 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31195
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31183
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::Hello::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31179
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropInstruction::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31189
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31187
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31176
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropOXM::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31190
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31174
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::FeaturesReply::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31184
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterStats::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31177
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules). This vulnerability is associated with program routines fluid_msg::of13::TableFeaturePropActions::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31178
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropNextTables::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31191
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31166
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:54
Updated-20 Sep, 2024 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::HelloElemVersionBitmap::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31168
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:55
Updated-20 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::EchoCommon::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31173
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyFlow::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31169
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:55
Updated-20 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::QueueGetConfigReply::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31172
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyTable::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31170
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:55
Updated-20 Sep, 2024 | 19:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyQueue::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31181
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupStats::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31171
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:55
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyPort::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31186
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::QueueGetConfigReply::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31194
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31188
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTableFeatures::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31180
Matching Score-10
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-10
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupDesc::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-29608
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.44%
||
7 Day CHG~0.00%
Published-20 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ONOS 2.5.1. An intent with a port that is an intermediate point of its path installs an invalid flow rule, causing a network loop.

Action-Not Available
Vendor-opennetworkingn/a
Product-onosn/a
CVE-2022-24035
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.44%
||
7 Day CHG~0.00%
Published-20 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in ONOS 2.5.1. The purge-requested intent remains on the list, but it does not respond to changes in topology (e.g., link failure). In combination with other applications, it could lead to a failure of network management.

Action-Not Available
Vendor-opennetworkingn/a
Product-onosn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-31175
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TablePropertiesList::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-31197
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.14% / 35.21%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:59
Updated-20 Sep, 2024 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Null Termination in libfluid_msg library

Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-170
Improper Null Termination
CVE-2024-31185
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterBandList::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-31164
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:54
Updated-20 Sep, 2024 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionList::unpack13. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-23915
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:53
Updated-20 Sep, 2024 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::of13::InstructionSet::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-31196
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:59
Updated-20 Sep, 2024 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::ActionList::unpack10. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-31165
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:54
Updated-20 Sep, 2024 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::SetFieldAction::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-31167
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:55
Updated-20 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::QueuePropertyList::unpack13. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-23916
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:53
Updated-20 Sep, 2024 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routines fluid_msg::ActionSet::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-31182
Matching Score-8
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-8
Assigner-Nozomi Networks Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.20% / 41.88%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in libfluid_msg library

Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::QueuePropertyList::unpack10. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-690
Unchecked Return Value to NULL Pointer Dereference
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-31212
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.35%
||
7 Day CHG~0.00%
Published-17 Jul, 2022 | 00:00
Updated-03 Aug, 2024 | 07:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied.

Action-Not Available
Vendor-dbus-broker_projectn/a
Product-dbus-brokern/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-15903
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.36% / 57.50%
||
7 Day CHG~0.00%
Published-04 Sep, 2019 | 05:59
Updated-30 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

Action-Not Available
Vendor-libexpat_projectn/aPython Software Foundation
Product-pythonlibexpatn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-776
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
CVE-2017-9814
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.57%
||
7 Day CHG~0.00%
Published-14 Jul, 2017 | 05:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.

Action-Not Available
Vendor-cairographicsn/aopenSUSE
Product-cairoleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14513
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 13.89%
||
7 Day CHG~0.00%
Published-01 Aug, 2019 | 20:47
Updated-05 Aug, 2024 | 00:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.

Action-Not Available
Vendor-thekelleysn/aDebian GNU/Linux
Product-debian_linuxdnsmasqn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29089
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.16% / 37.71%
||
7 Day CHG~0.00%
Published-14 Apr, 2023 | 00:00
Updated-07 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding SIP multipart messages.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_980exynos_auto_t5123exynos_9110_firmwareexynos_1080exynos_5123_firmwareexynos_auto_t5123_firmwareexynos_9110exynos_980_firmwareexynos_5300exynos_1080_firmwareexynos_5300_firmwareexynos_5123n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-28555
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.21%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:15
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Audio

Transient DOS in Audio while remapping channel buffer in media codec decoding.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqca8337wcn785x-5mdm9628_firmwarewcn3950_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresm8350wcd9370ssg2115pwcn685x-1sm8450wcn3998wcd9385_firmwareqam8295pwcn3950qcn6024_firmwaremdm9628sm6375_firmwareqam8295p_firmwareqca6574au_firmwaresdx55_firmwareqca6595auwcn3998_firmwareqca8081_firmwaresm6225-adwcd9375_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresm6225sm6225-ad_firmwaresa4155p_firmwarewcn3988_firmwaresa6145p_firmwaresa8195pwsa8810_firmwaresm8450_firmwaresw5100snapdragon_ar2_gen_1_platform_firmwaresa6155psg4150pqca8081qcm4490wcn685x-1_firmwarewcd9385qca6696_firmwarear8035sm4350_firmwarewcd9375sa8150pwsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475sa8295p_firmwareqca6564awcn6750_firmwaresg4150p_firmwaresa4150pwcn785x-1qcm4325sm6375wcn3991qca8337_firmwarewcd9380_firmwaressg2125psw5100psd865_5gsnapdragon_w5\+_gen_1_wearable_platformqca6564ausm8350-ac_firmwarewsa8835qca6574sxr1230p_firmwaresnapdragon_auto_5g_modem-rfwcd9380ssg2125p_firmwareqca6574awcn685x-5_firmwaresxr1230pwcn6750wcn3980qcm4325_firmwareqca6574_firmwarewsa8815sxr2230psnapdragon_xr2_5g_platform_firmwaresm4450qca6574a_firmwareqcn9024wcn785x-5_firmwarewcn3980_firmwaresa8295psm8475_firmwarewcn6740_firmwareqcm4490_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwsa8832_firmwaresm8350_firmwarewcn685x-5sm6225_firmwarewcn785x-1_firmwareqca6574ausa8155p_firmwareqca6564a_firmwareqcn9024_firmwarewsa8810wsa8832sw5100p_firmwaresnapdragon_ar2_gen_1_platformsa6145psm8350-acqcs4490sa8145pwcn6740qca6696sa4150p_firmwaresm4350wcd9370_firmwaresm4350-ac_firmwaresa6150psdx55sa8155pqcn6024ssg2115p_firmwaresw5100_firmwaresa4155par8035_firmwareSnapdragonqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwaremdm9628_firmwaresxr1230p_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcd9385_firmwareqcn6024_firmwareqcm4325_firmwareqca6574_firmwaresd_8_gen1_5g_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9375_firmwareqca8081_firmwarewcn3980_firmwaresnapdragon_680_4g_mobile_platform_firmwarewcn6740_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm4490_firmwareqcs4490_firmwarewsa8832_firmwaresa4155p_firmwarefastconnect_6900_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwareqca6564a_firmwareqcn9024_firmwarewsa8810_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6696_firmwaresa4150p_firmwarewcd9370_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwaresa8295p_firmwaresg4150p_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9454
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.79% / 72.86%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ares_parse_a_reply function in the embedded ares library in ReSIProcate before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds-read) via a crafted DNS response.

Action-Not Available
Vendor-resiprocaten/a
Product-resiprocaten/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-32468
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 68.69%
||
7 Day CHG-0.39%
Published-25 Dec, 2021 | 23:25
Updated-03 Aug, 2024 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol. (Affected Chipsets MT7603E, MT7610, MT7612, MT7613, MT7615, MT7620, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7628mt7622_firmwaremt7603emt7610mt7612mt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7629mt7613mt7612_firmwaremt7915_firmwaremt7610_firmwaremt7620mt7615_firmwaremt7613_firmwaremt7622mt7915mt7620_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-44910
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.04%
||
7 Day CHG~0.00%
Published-27 Sep, 2024 | 00:00
Updated-19 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).

Action-Not Available
Vendor-nasan/a
Product-cryptolibn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10899
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.52% / 91.42%
||
7 Day CHG~0.00%
Published-09 Apr, 2019 | 03:52
Updated-04 Aug, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/LinuxCanonical Ltd.Fedora ProjectopenSUSE
Product-ubuntu_linuxdebian_linuxfedorawiresharkleapn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-11823
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-8.6||HIGH
EPSS-1.06% / 76.69%
||
7 Day CHG~0.00%
Published-04 May, 2020 | 10:00
Updated-16 Sep, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

CRLF injection vulnerability in Network Center in Synology Router Manager (SRM) before 1.2.3-8017-2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

Action-Not Available
Vendor-Synology, Inc.
Product-router_managerSynology Router Manager (SRM)
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-44460
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.20% / 41.80%
||
7 Day CHG~0.00%
Published-12 Sep, 2024 | 00:00
Updated-30 Oct, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS).

Action-Not Available
Vendor-emqxn/aemqx
Product-nanomqn/ananomq
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 10
  • 11
  • Next
Details not found