Loading...
Loading...
7,885 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 …
The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey’s data in RAM over the USB interface. To exploit the vulnerability an attacker…
HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resulting in the corruption of the instruction pointer.
HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.
HDF5 Library through 1.14.3 contains a out-of-bounds read operation in H5FL_arr_malloc in H5FL.c (called from H5S_set_extent_simple in H5S.c).
Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations.
A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions …
A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions …
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5.1 contains a patch for the issue. No known workarounds are available.
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No kn…
FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. This occurs when `WCHAR` string is read with twice the size it has and converted to `UTF-8`…
Out-of-bounds read for some OpenCL(TM) software may allow an authenticated user to potentially enable denial of service via local access.
Improper Input Validation vulnerability in Samsung Open Source escargot JavaScript engine allows Overflow Buffers. However, it occurs in the test code and does not include in the release. This issue affects escargot: 4.0.0.
In _s5e9865_mif_set_rate of exynos_dvfs.c, there is a possible out of bounds read due to improper casting. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for e…
In bc_get_converted_received_bearer of bc_utilities.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction …
In ProtocolCdmaCallWaitingIndAdapter::GetCwInfo() of protocolsmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required.…
In ProtocolCellIdentityParserV4::Parse() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Inte…
In ProtocolVsimOperationAdapter() of protocolvsimadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interactio…
In tpu_get_int_state of tpu.c, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploit…
In CellInfoListParserV2::FillCellInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User inte…
In set_secure_reg of sac_handler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User inter…
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
Transient DOS while parsing ESP IE from beacon/probe response frame.
Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report.
Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame.
Transient DOS while parsing the received TID-to-link mapping action frame.
Transient DOS while processing TID-to-link mapping IE elements.
Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp.
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
Memory corruption when the captureRead QDCM command is invoked from user-space.
Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.
Transient DOS while parsing noninheritance IE of Extension element when length of IE is 2 of beacon frame.
Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper.
Transient DOS while processing TIM IE from beacon frame as there is no check for IE length.
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.
Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process.
Information disclosure while parsing the multiple MBSSID IEs from the beacon.
Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver.
Transient DOS while parsing ESP IE from beacon/probe response frame.
Transient DOS while parsing the MBSSID IE from the beacons when IE length is 0.
Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE.
An issue in FME Modules fileuploads v.2.0.3 and before and fixed in v2.0.4 allows a remote attacker to obtain sensitive information via the uploadfiles.php component.
A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow …
A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow …
A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow …
A vulnerability has been identified in Solid Edge (All versions < V224.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow …
EchelonGraph correlates every CVE — across CWE-125 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →