Total
8118 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9204 | 1 Entropymine | 1 Imageworsener | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| The iw_get_ui16le function in imagew-util.c:405:23 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service (invalid read and SEGV) via a crafted image, related to imagew-jpeg.c. | |||||
| CVE-2016-7643 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2025-04-20 | 5.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "ImageIO" component. It allows remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) via a crafted web site. | |||||
| CVE-2017-13672 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors involving display update. | |||||
| CVE-2017-11213 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Macos, Chrome Os and 7 more | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer due to an integer overflow; the computation is part of the abstraction that creates an arbitrarily sized transparent or opaque bitmap image. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2022-32948 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-04-18 | N/A | 7.8 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-20557 | 1 Google | 1 Android | 2025-04-18 | N/A | 6.7 MEDIUM |
| In MessageQueueBase of MessageQueueBase.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-247092734 | |||||
| CVE-2022-20555 | 1 Google | 1 Android | 2025-04-18 | N/A | 4.4 MEDIUM |
| In ufdt_get_node_by_path_len of ufdt_convert.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-246194233 | |||||
| CVE-2022-20528 | 1 Google | 1 Android | 2025-04-18 | N/A | 3.3 LOW |
| In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230172711 | |||||
| CVE-2025-20660 | 2 Google, Mediatek | 2 Android, Mt9972 | 2025-04-18 | N/A | 6.7 MEDIUM |
| In PlayReady TA, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04436357; Issue ID: MSV-3186. | |||||
| CVE-2022-20595 | 1 Google | 1 Android | 2025-04-18 | N/A | 4.4 MEDIUM |
| In getWpcAuthChallengeResponse of WirelessCharger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239700137References: N/A | |||||
| CVE-2022-20593 | 1 Google | 1 Android | 2025-04-18 | N/A | 4.4 MEDIUM |
| In pop_descriptor_string of BufferDescriptor.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239415809References: N/A | |||||
| CVE-2022-20575 | 1 Google | 1 Android | 2025-04-18 | N/A | 5.5 MEDIUM |
| In read_ppmpu_info of drm_fw.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237585040References: N/A | |||||
| CVE-2022-20574 | 1 Google | 1 Android | 2025-04-18 | N/A | 5.5 MEDIUM |
| In sec_sysmmu_info of drm_fw.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237582191References: N/A | |||||
| CVE-2025-27180 | 1 Adobe | 1 Substance 3d Modeler | 2025-04-18 | N/A | 5.5 MEDIUM |
| Substance3D - Modeler versions 1.15.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-27184 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-04-18 | N/A | 5.5 MEDIUM |
| After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-27186 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-04-18 | N/A | 5.5 MEDIUM |
| After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-27187 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-04-18 | N/A | 5.5 MEDIUM |
| After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-32622 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 9.1 CRITICAL |
| HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in H5S.c). | |||||
| CVE-2024-32607 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 5.7 MEDIUM |
| HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer. | |||||
| CVE-2024-32614 | 1 Hdfgroup | 1 Hdf5 | 2025-04-18 | N/A | 8.8 HIGH |
| HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c. | |||||