Total
7744 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27367 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-03-14 | 4.4 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_scan_ind(), there is no input validation check on a length coming from userspace, which can lead to integer overflow and a potential heap over-read. | ||||
| CVE-2024-54518 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-14 | 5.3 Medium |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. | ||||
| CVE-2024-53589 | 2025-03-14 | 8.4 High | ||
| GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files. | ||||
| CVE-2024-33767 | 2025-03-14 | 5 Medium | ||
| lunasvg v2.3.9 was discovered to contain a segmentation violation via the component composition_solid_source. | ||||
| CVE-2022-23089 | 2025-03-13 | 4.7 Medium | ||
| When dumping core and saving process information, proc_getargv() might return an sbuf which have a sbuf_len() of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted ps_string, which in turn can cause the kernel to crash. | ||||
| CVE-2024-30630 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-03-13 | 9.8 Critical |
| Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the time parameter from saveParentControlInfo function. | ||||
| CVE-2024-44134 | 1 Apple | 1 Macos | 2025-03-13 | 5.5 Medium |
| This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information. | ||||
| CVE-2024-37371 | 3 Debian, Mit, Redhat | 9 Debian Linux, Kerberos 5, Enterprise Linux and 6 more | 2025-03-13 | 9.1 Critical |
| In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. | ||||
| CVE-2018-9464 | 2025-03-13 | 7.8 High | ||
| In multiple locations, there is a possible way to read protected files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2021-47138 | 2 Linux, Redhat | 4 Linux Kernel, Rhel Aus, Rhel E4s and 1 more | 2025-03-13 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: cxgb4: avoid accessing registers when clearing filters Hardware register having the server TID base can contain invalid values when adapter is in bad state (for example, due to AER fatal error). Reading these invalid values in the register can lead to out-of-bound memory access. So, fix by using the saved server TID base when clearing filters. | ||||
| CVE-2024-32897 | 1 Google | 1 Android | 2025-03-13 | 5.9 Medium |
| In ProtocolCdmaCallWaitingIndAdapter::GetCwInfo() of protocolsmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | ||||
| CVE-2024-30604 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-03-13 | 7.5 High |
| Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the list1 parameter of the fromDhcpListClient function. | ||||
| CVE-2024-28537 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-13 | 9.8 Critical |
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the page parameter of fromNatStaticSetting function. | ||||
| CVE-2025-1433 | 2025-03-13 | 7.8 High | ||
| A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-32904 | 1 Google | 1 Android | 2025-03-13 | 4.7 Medium |
| In ProtocolVsimOperationAdapter() of protocolvsimadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation. | ||||
| CVE-2024-27381 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-03-13 | 6 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_ut(), there is no input validation check on len coming from userspace, which can lead to a heap over-read. | ||||
| CVE-2024-20102 | 2 Google, Mediatek | 9 Android, Mt3605, Mt6985 and 6 more | 2025-03-13 | 4.9 Medium |
| In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998892; Issue ID: MSV-1601. | ||||
| CVE-2024-20088 | 2 Google, Mediatek | 29 Android, Mt6765, Mt6768 and 26 more | 2025-03-13 | 4.4 Medium |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08932099; Issue ID: MSV-1543. | ||||
| CVE-2023-52365 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 7.7 High |
| Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally. | ||||
| CVE-2025-1428 | 2025-03-13 | 7.8 High | ||
| A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||