Export limit exceeded: 359583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9519 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2803 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 13.0.782.107 does not properly handle Skia paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2011-2851 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2011-1192 | 2 Google, Linux | 2 Chrome, Linux Kernel | 2025-04-11 | N/A |
| Google Chrome before 10.0.648.127 on Linux does not properly handle Unicode ranges, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2011-3025 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 17.0.963.56 does not properly parse H.264 data, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2011-2843 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 14.0.835.163 does not properly handle media buffers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2011-2850 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 14.0.835.163 does not properly handle Khmer characters, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. | ||||
| CVE-2013-5651 | 1 Redhat | 1 Libvirt | 2025-04-11 | N/A |
| The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune. | ||||
| CVE-2013-7038 | 1 Gnu | 1 Libmicrohttpd | 2025-04-11 | N/A |
| The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read. | ||||
| CVE-2013-3245 | 1 Videolan | 1 Vlc Media Player | 2025-04-11 | 6.3 Medium |
| plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating "This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine." A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow | ||||
| CVE-2022-40656 | 1 Nikon | 1 Nis-elements Viewer | 2025-04-10 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ND2 files. Crafted data in a ND2 file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15072. | ||||
| CVE-2022-42267 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2025-04-10 | 7 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability where a regular user can cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | ||||
| CVE-2024-20763 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-04-10 | 5.5 Medium |
| Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-42254 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2025-04-10 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, data tampering, or information disclosure. | ||||
| CVE-2022-34684 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2025-04-10 | 5.3 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure. | ||||
| CVE-2022-46360 | 1 Fujielectric | 2 Tellus, V-sft | 2025-04-10 | 7.8 High |
| Out-of-bounds read vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted image file. | ||||
| CVE-2022-41645 | 1 Fujielectric | 1 V-server | 2025-04-10 | 7.8 High |
| Out-of-bounds read vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file. | ||||
| CVE-2022-32641 | 2 Google, Mediatek | 57 Android, Mt6580, Mt6731 and 54 more | 2025-04-10 | 6.7 Medium |
| In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594. | ||||
| CVE-2022-32639 | 2 Google, Mediatek | 19 Android, Mt6739, Mt6768 and 16 more | 2025-04-10 | 4.4 Medium |
| In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487. | ||||
| CVE-2022-46457 | 1 Nasm | 1 Netwide Assembler | 2025-04-10 | 5.5 Medium |
| NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c. | ||||
| CVE-2022-44446 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | 5.5 Medium |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | ||||