Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-21018

Summary
Assigner-SamsungMobile
Assigner Org ID-3af57064-a867-422c-b2ad-40307b65c458
Published At-06 Aug, 2025 | 04:23
Updated At-06 Aug, 2025 | 13:38
Rejected At-
Credits

Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:SamsungMobile
Assigner Org ID:3af57064-a867-422c-b2ad-40307b65c458
Published At:06 Aug, 2025 | 04:23
Updated At:06 Aug, 2025 | 13:38
Rejected At:
▼CVE Numbering Authority (CNA)

Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.

Affected Products
Vendor
Samsung ElectronicsSamsung Mobile
Product
Blockchain Keystore
Default Status
affected
Versions
Unaffected
  • 1.3.17.2
Problem Types
TypeCWE IDDescription
N/AN/ACWE-125 Out-of-bounds Read
Type: N/A
CWE ID: N/A
Description: CWE-125 Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=08
N/A
Hyperlink: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=08
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:mobile.security@samsung.com
Published At:06 Aug, 2025 | 05:15
Updated At:15 Aug, 2025 | 16:02

Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CPE Matches
Samsung
samsung
>>blockchain_keystore>>Versions before 1.3.17.2(exclusive)
cpe:2.3:a:samsung:blockchain_keystore:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=08mobile.security@samsung.com
Vendor Advisory
Hyperlink: https://security.samsungmobile.com/serviceWeb.smsb?year=2025&month=08
Source: mobile.security@samsung.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

330Records found
CVE-2019-9445
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.24% / 47.27%
||
7 Day CHG~0.00%
Published-06 Sep, 2019 | 21:50
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Android kernel in F2FS driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-n/aCanonical Ltd.Google LLCDebian GNU/Linux
Product-androiddebian_linuxubuntu_linuxAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-0158
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.95%
||
7 Day CHG~0.00%
Published-11 Jun, 2020 | 14:43
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nfc_ncif_proc_t3t_polling_ntf of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141547128

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-0154
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.95%
||
7 Day CHG~0.00%
Published-11 Jun, 2020 | 14:43
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nci_proc_core_rsp of nci_hrcv.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure via compromised device firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141550919

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21214
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 5.72%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In addGroupWithConfigInternal of p2p_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262235736

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21359
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.81%
||
7 Day CHG~0.00%
Published-30 Oct, 2023 | 16:56
Updated-02 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21194
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.32%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-04 Dec, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In gatt_dbg_op_name of gatt_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260079141

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21010
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 2.06%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029915

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21357
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.81%
||
7 Day CHG~0.00%
Published-30 Oct, 2023 | 16:56
Updated-06 Sep, 2024 | 19:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20984
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.72%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-25 Feb, 2025 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ParseBqrLinkQualityEvt of btif_bqr.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242993878

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21210
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.55%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 19:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In initiateHs20IconQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236331

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21314
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.60%
||
7 Day CHG~0.00%
Published-30 Oct, 2023 | 16:56
Updated-02 Aug, 2024 | 09:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21170
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 6.18%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 15:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In executeSetClientTarget of ComposerCommandEngine.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-252764410

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21156
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.47%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In BuildGetRadioNode of protocolmiscbulider.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the modem with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-264540759References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21011
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 2.06%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029912

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20982
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.72%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-25 Feb, 2025 | 14:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In btm_read_tx_power_complete of btm_acl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260568083

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21213
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 5.82%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 19:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In initiateTdlsTeardownInternal of sta_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262235951

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20968
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.49%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-25 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262235935

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21012
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-3.7||LOW
EPSS-0.03% / 8.59%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-24 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029812

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21025
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.85%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-25 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ufdt_local_fixup_prop of ufdt_overlay.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254929746

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21009
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 2.06%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-26 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029925

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21154
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 7.23%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 14:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In StoreAdbSerialNumber of protocolmiscbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-263783910References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20983
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.72%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-25 Feb, 2025 | 14:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569449

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20674
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588552.

Action-Not Available
Vendor-yoctoprojectGoogle LLCLinux Kernel Organization, IncMediaTek Inc.
Product-linux_kernelmt6781mt6855mt6983mt8362amt5221mt8798mt8168mt8797mt6833mt6789mt8789mt8786mt8175mt8518mt8771mt8365mt8791tmt8675mt8766mt8167smt8532mt6895mt7921mt8385mt8695mt8781mt6877mt7902mt8169yoctomt7668mt6879mt7663mt8185androidmt8788mt8768MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20665
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-13 Feb, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628604; Issue ID: ALPS07628604.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6769mt8788mt6853mt6891mt6895mt6983mt8786mt6889mt6873mt8766mt8765mt6833mt6739mt6765mt6883mt6789mt8771mt6785mt6877mt6855mt8781mt6771mt6853tmt8795tmt8321mt8789mt6779mt6762mt6885mt6768mt6781mt6879mt6893mt8768mt6763mt8791tandroidmt8797mt6875mt8798mt6761mt8365MT6739, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8321, MT8365, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8795T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20818
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.51%
||
7 Day CHG~0.00%
Published-07 Aug, 2023 | 03:22
Updated-22 Oct, 2024 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07460540; Issue ID: ALPS07460540.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt6985mt6873mt6893mt6833mt6580mt6886mt6885mt6983mt6877mt6781mt6765mt6891mt6883mt6853mt6895mt6853tmt6739androidmt6875mt6761mt6889mt6768mt6779mt6879MT6580, MT6739, MT6761, MT6765, MT6768, MT6779, MT6781, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985mt6855mt6985mt6873mt6893mt6833mt6580mt6886mt6885mt6983mt6877mt6781mt6765mt6891mt6883mt6853mt6895mt6853tmt6739androidmt6875mt6761mt6889mt6768mt6779mt6879
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20729
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 12:11
Updated-08 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573575.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8532mt6985androidmt8518mt7902yoctomt8365mt7921MT6985, MT7902, MT7921, MT8365, MT8518, MT8532
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20675
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-13 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588569.

Action-Not Available
Vendor-yoctoprojectLinux Kernel Organization, IncMediaTek Inc.Google LLC
Product-mt8788mt8167smt6895mt6983mt7668yoctomt8185mt8786mt8766mt7663mt6833mt8385mt6789mt8771mt6877mt6855mt8781mt5221mt8518mt8168mt8789linux_kernelmt8532mt6879mt6781mt8169mt7921mt8362amt8768mt8695mt8675mt8791tandroidmt8797mt7902mt8798mt8175mt8365MT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20698
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.24%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 00:00
Updated-23 Jan, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt8766androidmt6891mt8185mt6879mt8789mt6877mt6885mt6762mt8666mt6781mt6833mt6893mt6765mt6983mt8768mt6739mt6789mt6580mt6853tmt6731mt8786mt8765mt6763mt8791mt6737mt6779mt6895mt8321mt8667mt8788mt6883mt6757chmt6771mt6757cdmt6769mt8385mt6757mt6889mt8797mt6768mt6757cmt8675mt6753mt6785mt6875mt8673mt8781mt8791tmt6873mt6761mt6853mt6735MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20730
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 12:11
Updated-08 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573552.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8532mt6985androidmt8518mt7902yoctomt8365mt7921MT6985, MT7902, MT7921, MT8365, MT8518, MT8532
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20688
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In power, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441821; Issue ID: ALPS07441821.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt8673mt8192mt8797mt8696mt8395mt8781mt8195mt8791mt2715mt6761mt6789mt6853mt6879mt8765mt8183mt6771mt6983mt6765mt8795tmt6737mt6891mt6873mt6875mt6762mt6779mt6885mt6893androidmt6757cdmt6769mt6889mt6883mt8175mt6853tmt6768mt8167mt8365mt6739mt8771mt6877mt6757cmt8666mt8798mt6833mt8786mt8168mt6757mt8362amt6753mt8385mt6763mt8173mt8321mt8390mt8185mt8788mt6785mt8188mt8768mt8675mt8789mt6895mt6580mt6781mt6731mt8891mt8766mt8169mt6735mt6855mt6757chmt8791tMT2715, MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8167, MT8168, MT8169, MT8173, MT8175, MT8183, MT8185, MT8188, MT8192, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8390, MT8395, MT8666, MT8673, MT8675, MT8696, MT8765, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8795T, MT8797, MT8798, MT8891
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42532
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 8.27%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332610References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21212
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 5.82%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236031

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21204
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.32%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 19:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the wifi server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262246231

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21206
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 6.11%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-04 Dec, 2024 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In initiateVenueUrlAnqpQueryInternal of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245630

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-4432
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.02%
||
7 Day CHG~0.00%
Published-05 Jan, 2023 | 17:32
Updated-08 Apr, 2025 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS PersistenceConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_x13s_firmwarethinkpad_x13sThinkPad X13s
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-4434
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.02%
||
7 Day CHG~0.00%
Published-05 Jan, 2023 | 17:32
Updated-10 Apr, 2025 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_x13s_firmwarethinkpad_x13sThinkPad X13s
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-9383
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 5.17%
||
7 Day CHG~0.00%
Published-17 Jan, 2025 | 23:03
Updated-10 Jul, 2025 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20969
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 1.24%
||
7 Day CHG~0.00%
Published-24 Mar, 2023 | 00:00
Updated-25 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236313

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21158
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 3.48%
||
7 Day CHG~0.00%
Published-28 Jun, 2023 | 00:00
Updated-03 Dec, 2024 | 14:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In encode of miscdata.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-263783635References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-4435
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.48%
||
7 Day CHG~0.00%
Published-05 Jan, 2023 | 17:33
Updated-10 Apr, 2025 | 14:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_x13s_firmwarethinkpad_x13sThinkPad X13s
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-4433
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.48%
||
7 Day CHG~0.00%
Published-05 Jan, 2023 | 17:32
Updated-10 Apr, 2025 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_x13s_firmwarethinkpad_x13sThinkPad X13s
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-20676
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.90%
||
7 Day CHG~0.00%
Published-06 Apr, 2023 | 00:00
Updated-12 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07628518.

Action-Not Available
Vendor-yoctoprojectLinux Kernel Organization, IncMediaTek Inc.Google LLC
Product-androidmt7921mt8175mt7668mt8365mt8797mt8781mt7902mt8771mt6877mt8695mt8798mt6833mt8786mt8168mt8362amt8518yoctomt8385mt6789mt6879mt8185mt8788linux_kernelmt5221mt6983mt8768mt8675mt8789mt6895mt8532mt6781mt7663mt8766mt8169mt6855mt8167smt8791tMT5221, MT6781, MT6789, MT6833, MT6855, MT6877, MT6879, MT6895, MT6983, MT7663, MT7668, MT7902, MT7921, MT8167S, MT8168, MT8169, MT8175, MT8185, MT8362A, MT8365, MT8385, MT8518, MT8532, MT8675, MT8695, MT8766, MT8768, MT8771, MT8781, MT8786, MT8788, MT8789, MT8791T, MT8797, MT8798
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42530
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 8.27%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242331893References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42543
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 6.92%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-249998113References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42515
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 13.76%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763503References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42516
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 14.64%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763577References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42522
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 8.27%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In DoSetCarrierConfig of miscservice.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243130038References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-42514
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 14.64%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763298References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-27225
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.85%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 18:55
Updated-03 Apr, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sendHciCommand of bluetooth_hci.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40134
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 12.32%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 21:20
Updated-27 Mar, 2025 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_t14sv330-20icbthinksystem_sr530_firmwarethinkagile_hx5530thinkpad_e490thinkstation_p350_tiny_firmwarethinkcentre_m90q_gen_2v55t_gen_2_13acnthinkpad_p53yta8900fthinkpad_x1_yoga_5th_genthinkpad_p72_firmwarethinkpad_r14_gen_2thinkagile_vx3320_firmwarethinkagile_hx2330thinkagile_vx7820thinkpad_l590thinksystem_sn850thinkpad_p52thinkagile_vx3320ideacentre_5-14are05thinkcentre_m810z_all-in-onethinkagile_hx2320_firmwarethinksystem_hr630x_firmwarethinkagile_vx_2u4nthinkcentre_m70c_firmwarev530s-07icb_firmwarethinksystem_sr630_v2thinkagile_hx7820_firmwarev55t_gen_2_13acn_firmwarethinkpad_t14s_firmwarethinksystem_sn850_firmwarethinkstation_p340thinkagile_vx_4u_firmwareideacentre_5-14iob6_firmwarethinkstation_p318_firmwarethinkserver_ts560_firmwarethinkagile_vx2320_firmwarethinksystem_sr250_v2_firmwarelegion_t530-28icbthinkcentre_m90sthinkserver_rd450_firmwareideacentre_5-14are05_firmwareideacentre_510s-07icb_firmwarethinkserver_sr588_firmwarethinkpad_t15_firmwarethinksystem_sr670_v2_firmwarethinkcentre_m75s_gen_2thinksystem_sr670_v2thinkagile_mx3331-f_firmwarethinkagile_hx2320-e_firmwarethinkcentre_m625q_firmwarethinkagile_hx3331thinkagile_vx5520thinkserver_rd350g_firmwarethinkserver_sd350_firmwarethinkserver_ts150thinkpad_x1_carbon_8th_genthinkagile_hx2321_firmwarethinksystem_sr860_v2_firmwareqt_b415_firmwarethinkcentre_m910x_firmwarethinkcentre_m910s_firmwareyangtian_afq150_firmwareideacentre_g5-14imb05thinkcentre_m70a_gen_2_firmwarethinkagile_mx3530_f_firmwarethinksystem_st258_firmwarethinkagile_hx3376_firmwarethinkpad_p52_firmwarethinkagile_hx7821_firmwarethinkcentre_m90t_firmwarethinkagile_vx_2u4n_firmwarelegion_t530-28aprthinkcentre_m70q_gen_2thinkagile_hx2330_firmwarethinkagile_hx1321thinkagile_mx_certified_node_-_hybrid_firmwarethinksystem_sd650-n_v2_firmwarethinkstation_p318thinksystem_st558_firmwareideacentre_g5-14amr05_firmwarethinkcentre_m75n_firmwarethinkcentre_m6600t_firmwarethinkcentre_m8600s_firmwarethinkcentre_m715q_firmwarethinksmart_hub_teamsthinkagile_hx3520-gthinkpad_x1_extreme_1st_genthinkcentre_m75nthinksystem_sr860legion_t5-26iob6_firmwarethinkcentre_m710qthinkcentre_m60e_tinythinkcentre_m70t_gen_3_firmwarethinkcentre_m710e_firmwarev530-15icbthinkagile_hx5530_firmwarethinkcentre_e75sthinkserver_sd350legion_t5-28icb05_firmwarethinkpad_p15s_gen_2_firmwarethinksystem_sd650_v2thinkcentre_m70sthinksystem_sr650_v2thinkserver_rd350_firmwarev520_firmwarethinkpad_p1_gen_3_firmwarethinkagile_mx3321_h_firmwarelegion_t5-28icb05thinkagile_mx3530_fthinkagile_hx1520-rthinkcentre_m70athinksystem_sd630_v2thinkagile_vx_1se_firmwarethinkcentre_m6600qthinkagile_mx1021ideacentre_3-07ada05_firmwareyoga_a940-27icb_firmwarethinkagile_hx2331thinkagile_hx2320-ethinkagile_vx5530v50t-13iob_g2_firmwarethinkpad_t15_gen_2thinkserver_sr860p_firmwarethinkserver_rd550_firmwarethinkcentre_m70q_gen_3thinkagile_vx1320thinksystem_sr950_firmwarethinkcentre_m80t_firmwarethinkcentre_m90a_gen_2thinkpad_p53s_firmwarethinkagile_hx3376v540-24iwlthinkagile_vx3530-gthinksystem_sd650_dwc_dual_node_traythinkagile_mx3531-fthinkpad_l13_yoga_firmwarethinksystem_sr570_firmwarethinksystem_sr158thinkcentre_m90q_tiny_firmwareideacentre_g5-14imb05_firmwarethinkcentre_m6600tthinkpad_t590thinksystem_st250thinkpad_x1_carbon_9th_gen_firmwarethinksystem_sr850thinkpad_x1_carbon_8th_gen_firmwarethinkagile_hx7530_firmwarethinksmart_hub_500thinkagile_hx5520thinkagile_vx7530_firmwarethinkcentre_m630ethinkpad_r14_gen_2_firmwarev530-15arrthinkstation_p310_firmwarethinkserver_ts450thinkpad_x1_carbon_7th_gen_firmwarethinksystem_sr950thinkcentre_e96z_firmwarethinkpad_l390_yoga_firmwarethinkagile_vx7520_nthinksystem_sr860_firmwarethinksystem_sr650_v2_firmwarethinkagile_mx_certified_node_-_all_flash_firmwarethinkpad_t14_gen_2_firmwarethinkagile_hx3720thinkagile_mx3321_hthinksystem_sd530thinkcentre_m90tthinkcentre_m715qthinksystem_st650_v2thinksystem_sr258_v2thinkcentre_m70s_gen_3_firmwarethinkedge_se30_firmwarethinkagile_hx1021v530-15icrthinksystem_hr610xthinkagile_vx3330thinkagile_mx3330-h_firmwarethinkpad_x1_yoga_6th_gen_firmwarethinkagile_hx3331_firmwarethinkpad_p15s_gen_1_firmwarethinkpad_x1_extreme_2nd_genthinksystem_st250_firmwarev50a-24imbthinksystem_hr610x_firmwarethinkpad_x390_yoga_firmwarethinkpad_p15v_gen_1legion_t530-28apr_firmwarethinkpad_t590_firmwarethinkserver_ts550legion_c530-19icbthinkpad_l490_firmwarethinkcentre_m90a_firmwarethinkagile_hx1331thinkagile_hx2320thinkagile_hx7521thinksystem_sr550thinkcentre_m8600sthinkagile_vx3520-g_firmwarethinkserver_rd650thinkagile_mx3530-hthinkagile_vx_2u_firmwarethinkpad_x13_gen_2thinkserver_rs160thinksystem_st250_v2thinkagile_hx2321ideacentre_510s-07ickthinkagile_mx3330-f_firmwarethinkpad_l15_gen_2_firmwarethinksystem_dx8200d_firmwarethinkagile_hx1320thinkcentre_m710s_firmwarethinkagile_hx1321_firmwarethinkpad_l14_gen_2_firmwarethinkpad_e590thinkpad_t15p_gen_1_legion_t5-26iob6thinkagile_hx1320_firmwarethinksystem_sn550_v2thinkpad_s3_2nd_gen_firmwarethinkagile_hx3521-gthinkcentre_m90q_tinylegion_t7-34imz5_firmwarethinkcentre_m70t_firmwarethinkpad_t15v530-15icr_firmwarethinkpad_x1_extreme_3rd_genthinkserver_ts150_firmwarethinkstation_p620_firmwarethinksystem_st650_v2_firmwarethinkpad_p14s_gen_2_firmwareqt_m410thinkagile_vx2330ideacentre_a340-22igmthinkcentre_m820z_all-in-onethinkpad_p15s_gen_1thinksystem_st550thinkpad_t14s_gen_2thinksystem_hr650x_firmwarethinkserver_td350_firmwarethinksystem_st658_v2_firmwarev30a-24imlthinkserver_rd450thinkcentre_m80sthinksystem_sr250_v2thinkagile_mx3520_hthinkcentre_m630e_firmwarethinkagile_mx3530-h_firmwarethinksystem_st250_v2_firmwarev530-24icb_firmwareideacentre_gaming_5_17acn7thinkstation_p348thinksystem_sr650_firmwarethinkserver_rd650_firmwarethinkcentre_m710t_firmwarethinkpad_p43sqitian_a815thinkagile_hx7530thinksystem_sr530thinkcentre_m720e_firmwarethinkcentre_m80qthinkpad_l390_firmwarethinkpad_t14_gen_2thinkedge_se30thinkagile_mx3520_fn4610_storage_firmwareqt_b415thinkagile_hx7821thinkagile_hx5521_firmwarelegion_t7-34imz5v30a-24iml_firmwarethinkagile_hx1021_firmwarethinkcentre_m70cthinkpad_x13_gen_2_firmwarethinkagile_vx3331v520s_firmwarethinksystem_st258_v2thinkagile_vx7820_firmwarethinkagile_hx5520-c_firmwarethinkcentre_m75q_gen_2thinkcentre_m90athinkstation_p350_firmwarethinksystem_st58thinkpad_l390ideacentre_c5-14imb05thinkpad_t15_gen_2_firmwarethinkcentre_m70s_gen_3thinkagile_mx3331-hv50s-07imb_firmwarethinksystem_sn550_firmwarethinksystem_sr258_firmwaren4610_storagethinkcentre_m8600t_firmwarethinkpad_l14v30a-22iml_firmwarethinkagile_hx1521-rthinkserver_rd350gthinkagile_hx3320thinkserver_ts460thinkpad_p1_gen_1ideacentre_5-14imb05_firmwarethinkpad_t14_gen_1thinkagile_mx3331-fthinkagile_hx7531_firmwarethinksystem_sr670thinkpad_e14_firmwarethinksystem_sr590ideacentre_a340-22igm_firmwareideacentre_5-14acn6thinkagile_vx2330_firmwarethinkagile_vx3530-g_firmwareideacentre_3-07imb05ideacentre_gaming_5-14acn6_firmwarethinkcentre_m75t_gen_2ideacentre_creator_5-14iob6_firmwarethinkpad_p43s_firmwarethinkserver_sr860pthinkcentre_m70q_firmwarethinkpad_x13_yoga_gen_1thinkagile_mx3520_h_firmwarethinkpad_p17_gen_1thinkcentre_m720eideacentre_a340-24igmthinksystem_sr665_firmwarethinkserver_ts550_firmwarethinksystem_sd630_v2_firmwarethinkserver_rs260_firmwarethinkcentre_m70t_gen_3thinkagile_hx3521-g_firmwarethinkagile_mx3531_h_firmwarethinkcentre_e96zthinkcentre_m818z_firmwareideacentre_5_14iab7_firmwarethinkstation_p520thinksystem_sr158_firmwarethinkpad_x12_detachable_gen_1_firmwarethinkagile_vx_1u_firmwarethinkserver_sr590_firmwarethinkcentre_m710ev50t-13imbthinksystem_dn8836_firmwarethinkagile_vx5520_firmwarethinksystem_st550_firmwarethinkstation_p310v530-22icbthinkpad_x1_yoga_6th_genv330-20icb_firmwareideacentre_gaming_5_17acn7_firmwarethinkpad_e15_firmwarethinkagile_hx5520-cthinkpad_x390thinkstation_p620thinkcentre_m710tthinkstation_p350thinkpad_t15g_gen_1thinkserver_sr590legion_c530-19icb_firmwareqt_m415_firmwarethinkagile_mx3321_fthinkagile_hx3330_firmwarethinkpad_t490_firmwarethinkcentre_m70q_gen_2_firmwarestadia_ggp-120thinksystem_sd650-n_v2v50s-07imbthinkagile_hx3321_firmwarethinkstation_p340_firmwaren3310_storagethinkpad_l390_yogaideacentre_5-14acn6_firmwareideacentre_gaming_5-14acn6thinkcentre_m70tthinkcentre_m90a_gen_2_firmwarethinkpad_t15p_gen_1__firmwarethinkstation_p520c_firmwarethinkagile_mx3330-hthinkagile_vx7530thinkpad_x1_extreme_1st_gen_firmwarethinkpad_x13_firmwarethinksystem_se350_firmwarethinkserver_rs160_firmwarethinkagile_hx3721_firmwarethinksystem_dn8836thinksystem_sr850p_firmwarethinkcentre_m75t_gen_2_firmwarev50t-13iob_g2thinksystem_sr258_v2_firmwarethinkagile_hx3320_firmwarethinkpad_e490sideacentre_gaming_5-14iob6v520sthinkpad_x1_extreme_3rd_gen_firmwaren3310_storage_firmwarethinkpad_l13_yogathinkagile_mx3330-fthinksystem_sd650_dwc_dual_node_tray_firmwarethinksystem_st258_v2_firmwarethinkpad_x1_yoga_4th_genthinkpad_t15g_gen_1_firmwarethinkagile_vx7330_firmwarethinkagile_vx7531_firmwarethinksystem_sr850_firmwarethinkagile_vx3330_firmwarethinkcentre_m910q_firmwarethinkagile_hx7531thinkstation_p350_tinythinkagile_vx7531thinkpad_e15qt_m410_firmwarethinkcentre_m75s_gen_2_firmwarethinksystem_sr850_v2_firmwarethinksystem_st558ideacentre_a340-24igm_firmwareideacentre_510s-07icbthinksystem_st58_firmwarethinkagile_mx1021_firmwarethinkcentre_m710q_firmwarethinkpad_x390_yogathinkcentre_m818zthinkagile_hx7520thinkagile_hx3330qt_m415thinkcentre_m8600tv520thinkagile_mx3331-h_firmwarethinkagile_hx1331_firmwarethinkpad_p14s_gen_1thinkagile_hx3321thinkcentre_m910qthinksystem_sr250thinksystem_sr850_v2thinksystem_se350thinkagile_mx1020_firmwarethinkpad_p1_gen_3thinkpad_l14_gen_2thinksmart_hub_zoomthinkpad_x1_titanium_firmwarethinkagile_hx3720_firmwarethinkpad_t14s_gen_2_firmwareideacentre_3-07ada05thinkcentre_m6600sstadia_ggp-120_firmwarethinkcentre_m60e_tiny_firmwarethinkcentre_m70q_gen_3_firmwarethinkagile_vx_2uv35s-07ada_firmwarethinkcentre_m700qthinkpad_x12_detachable_gen_1thinkagile_mx_certified_node_-_all_flashthinkagile_hx5521-cthinkagile_vx_1uthinkpad_l490thinkagile_vx3720_firmwarethinkagile_hx1520-r_firmwarev530s-07icr_firmwarethinkagile_hx5531thinksystem_sr630_firmwarethinkpad_l590_firmwarethinksystem_sr550_firmwarethinkpad_e15_gen_2_firmwarev530s-07icrthinkpad_e15_gen_2thinkcentre_e75tthinkpad_l15v50t-13imb_firmwareideacentre_gaming_5_17iab7ideacentre_3-07imb05_firmwareqitian_a815_firmwareideacentre_g5-14amr05yta8900f_firmwarethinkpad_x1_titaniumthinksystem_sr645ideacentre_gaming_5-14iob6_firmwarethinkpad_x1_nano_gen_1_firmwarethinkcentre_m80s_firmwarethinkcentre_m910tthinkpad_p14s_gen_2thinksystem_sr630_v2_firmwarethinkpad_p15v_gen_1_firmwarethinkserver_ts250thinkcentre_e75t_firmwarethinkpad_p15_gen_1thinkagile_vx5530_firmwarethinksystem_sr258thinkagile_hx5521thinkagile_mx3531-f_firmwarev530-15arr_firmwarethinksmart_hub_teams_firmwarethinkcentre_m820z_all-in-one_firmwarethinksystem_sr645_firmwarethinksystem_sn550thinkagile_hx3375_firmwarethinkagile_hx3721thinkpad_e590_firmwarethinkcentre_m70s_firmwarethinkstation_p320_tinythinkagile_hx3520-g_firmwareideacentre_3_07iab7_firmwarethinkcentre_neo_50s_gen_3thinkpad_t490thinkcentre_m70qthinkpad_p73_firmwarethinkagile_mx_certified_node_-_hybridv35s-07adathinkagile_vx1320_firmwarethinkpad_x1_carbon_9th_genthinkcentre_m625qthinkpad_x1_carbon_7th_genthinksystem_sr630thinkcentre_neo_50s_gen_3_firmwarethinkagile_vx7320_nthinkpad_x390_firmwarethinksystem_st658_v2thinkagile_hx1521-r_firmwarethinkagile_hx7820thinkagile_vx2320ideacentre_5-14iob6thinkagile_hx7520_firmwarev50a-24imb_firmwarev530-15icb_firmwareideacentre_510s-07ick_firmwarelegion_t530-28icb_firmwarethinksystem_sr860_v2thinkpad_x13thinkpad_e14_gen_2thinkagile_hx7521_firmwarethinkcentre_m70a_firmwarethinkcentre_m700q_firmwarethinkagile_hx3375thinksystem_hr650xv530s-07icbthinkagile_hx2720-e_firmwarethinksystem_dx1100uv50a-22imbyangtian_afq150thinkpad_x13_yoga_gen_1_firmwarev530-22icb_firmwarethinkpad_l15_gen_2thinksmart_hub_500_firmwarethinksystem_sr570thinkcentre_m810z_all-in-one_firmwarethinkagile_vx7520ideacentre_creator_5-14iob6thinkcentre_m70a_gen_2thinkagile_vx_4uideacentre_5-14imb05thinkcentre_m80tthinksystem_st50thinkpad_p1_gen_2_firmwarethinkpad_l13_firmwarethinksystem_st258thinkcentre_m610thinksystem_sr850pthinkserver_td350thinkpad_x1_nano_gen_1thinkagile_hx2331_firmwarethinkpad_p15_gen_1_firmwarethinkstation_p340_tinythinkagile_vx3520-gthinkstation_p520_firmwarethinksystem_sr670_firmwarethinkcentre_m910xthinksystem_sr150thinkcentre_m80q_firmwarethinkagile_vx3720thinksystem_dx1100u_firmwarethinkcentre_m6600s_firmwarethinkcentre_m90s_firmwarethinkpad_p53sthinksystem_sd650_v2_firmwarethinkpad_x13_yoga_gen_2thinkcentre_m910sthinkpad_e14ideacentre_3_07iab7thinkagile_hx2720-ethinkcentre_m6600q_firmwarethinksystem_sn550_v2_firmwarethinkpad_x1_yoga_4th_gen_firmwarethinkserver_sr588thinkpad_l14_firmwarethinkpad_t490s_firmwarethinkagile_hx5520_firmwarethinkpad_p14s_gen_1_firmwareideacentre_5_14iab7thinkagile_mx1020thinkserver_ts250_firmwarethinksystem_sr665thinksystem_sr150_firmwarethinkagile_vx7320_n_firmwarethinkpad_e490s_firmwarethinkpad_p1_gen_2thinkpad_x13_yoga_gen_2_firmwarethinkserver_rs260thinksystem_st50_firmwarethinkpad_e490_firmwarethinkagile_mx3321_f_firmwarethinksystem_dx8200dthinksystem_hr630xthinkagile_mx3520_f_firmwarethinkpad_e14_gen_2_firmwarethinksystem_sd530_firmwarethinkpad_p17_gen_1_firmwarethinkagile_vx_1sethinkstation_p320_tiny_firmwarethinkpad_p53_firmwarev50a-22imb_firmwarethinkcentre_m90q_gen_2_firmwarethinkagile_hx5521-c_firmwarethinkagile_vx7330thinkpad_l15_firmwarev530-24icbv30a-22imlthinkserver_rd350thinkstation_p340_tiny_firmwarethinksystem_sr250_firmwarethinkcentre_e75s_firmwareideacentre_c5-14imb05_firmwareyoga_a940-27icbthinkcentre_m610_firmwarethinkserver_ts450_firmwarethinksmart_hub_zoom_firmwarethinkpad_l13thinkpad_t490sv540-24iwl_firmwarethinkagile_vx7520_n_firmwarethinkpad_p73thinkcentre_m75q_gen_2_firmwarethinkpad_x1_extreme_2nd_gen_firmwarethinkstation_p348_firmwarethinkpad_p72thinkcentre_m910t_firmwarethinkpad_s3_2nd_genthinkcentre_m710sthinkpad_t14_gen_1_firmwarethinkagile_vx3331_firmwarethinkagile_vx7520_firmwarethinkpad_p1_gen_1_firmwarethinkserver_ts460_firmwarethinkpad_x1_yoga_5th_gen_firmwarethinkpad_p15s_gen_2ideacentre_gaming_5_17iab7_firmwarethinkserver_ts560thinkagile_hx5531_firmwarethinkagile_mx3531_hthinksystem_sr650thinksystem_sr590_firmwarethinkstation_p520cthinkserver_rd550BIOS
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • Next
Details not found