Total
8118 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-44647 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2025-04-29 | N/A | 5.5 MEDIUM |
| An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not the same as CVE-2022-44648. | |||||
| CVE-2022-44648 | 2 Microsoft, Trendmicro | 2 Windows, Apex One | 2025-04-29 | N/A | 5.5 MEDIUM |
| An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not the same as CVE-2022-44647. | |||||
| CVE-2025-24449 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-04-28 | N/A | 5.5 MEDIUM |
| Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-24448 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-04-28 | N/A | 5.5 MEDIUM |
| Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-27161 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-28 | N/A | 7.8 HIGH |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-27163 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-28 | N/A | 5.5 MEDIUM |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-27164 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-28 | N/A | 5.5 MEDIUM |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-24431 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-28 | N/A | 5.5 MEDIUM |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-45909 | 1 Drachtio | 1 Drachtio-server | 2025-04-25 | N/A | 9.1 CRITICAL |
| drachtio-server before 0.8.19 has a heap-based buffer over-read via a long Request-URI in an INVITE request. | |||||
| CVE-2024-20071 | 2 Mediatek, Openwrt | 5 Mt6890, Mt6990, Mt7622 and 2 more | 2025-04-25 | N/A | 4.4 MEDIUM |
| In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364733; Issue ID: MSV-1331. | |||||
| CVE-2024-54938 | 1 Lopalopa | 1 E-learning Management System | 2025-04-24 | N/A | 7.5 HIGH |
| A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads. | |||||
| CVE-2024-20107 | 5 Google, Linuxfoundation, Mediatek and 2 more | 24 Android, Yocto, Mt6781 and 21 more | 2025-04-24 | N/A | 6.2 MEDIUM |
| In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09124360; Issue ID: MSV-1823. | |||||
| CVE-2022-45315 | 1 Mikrotik | 1 Routeros | 2025-04-24 | N/A | 9.8 CRITICAL |
| Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet. | |||||
| CVE-2022-45313 | 1 Mikrotik | 1 Routeros | 2025-04-24 | N/A | 8.8 HIGH |
| Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message. | |||||
| CVE-2022-39130 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
| In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | |||||
| CVE-2022-42774 | 2 Google, Unisoc | 14 Android, S8002, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42773 | 2 Google, Unisoc | 14 Android, S8001, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42768 | 2 Google, Unisoc | 14 Android, S8013, Sc7731e and 11 more | 2025-04-23 | N/A | 4.3 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42781 | 2 Google, Unisoc | 14 Android, S8006, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42780 | 2 Google, Unisoc | 14 Android, S8005, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||