Export limit exceeded: 351403 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9257 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47914 | 1 Golang | 2 Crypto, Ssh | 2025-12-11 | 5.3 Medium |
| SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. | ||||
| CVE-2025-21074 | 1 Samsung | 2 Android, Mobile Devices | 2025-12-11 | 4.3 Medium |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory. | ||||
| CVE-2021-4156 | 3 Debian, Libsndfile Project, Redhat | 3 Debian Linux, Libsndfile, Enterprise Linux | 2025-12-11 | 7.1 High |
| An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory information that could be used in further exploitation of other flaws. | ||||
| CVE-2025-58113 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2025-12-10 | 6.5 Medium |
| An out-of-bounds read vulnerability exists in the EMF functionality of PDF-XChange Co. Ltd PDF-XChange Editor 10.7.3.401. By using a specially crafted EMF file, an attacker could exploit this vulnerability to perform an out-of-bounds read, potentially leading to the disclosure of sensitive information. | ||||
| CVE-2025-64893 | 3 Adobe, Apple, Microsoft | 3 Dng Software Development Kit, Macos, Windows | 2025-12-10 | 7.1 High |
| DNG SDK versions 1.7.0 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure or application denial of service. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-32631 | 1 Asrmicro | 26 Asr1602, Asr1602 Firmware, Asr1603 and 23 more | 2025-12-10 | 7.2 High |
| Out-of-Bounds read in ciCCIOTOPT in ASR180X will cause incorrect computations. | ||||
| CVE-2025-57697 | 1 Astrbot | 1 Astrbot | 2025-12-05 | 6.5 Medium |
| AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function _encode_image_bs64. Since the _encode_image_bs64 function defined in entities.py opens the image specified by the user in the request body and returns the image content as a base64-encoded string without checking the legitimacy of the image path, attackers can construct a series of malicious URLs to read any specified file, resulting in sensitive data leakage. | ||||
| CVE-2025-58476 | 1 Samsung | 2 Android, Mobile Devices | 2025-12-05 | 4.2 Medium |
| Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory. | ||||
| CVE-2025-58479 | 1 Samsung | 2 Android, Mobile Devices | 2025-12-05 | 4.3 Medium |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | ||||
| CVE-2017-13037 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-05 | 9.8 Critical |
| The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). | ||||
| CVE-2017-13027 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-05 | 9.8 Critical |
| The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print(). | ||||
| CVE-2012-1571 | 3 Christos Zoulas, Redhat, Tim Robbins | 3 File, Enterprise Linux, Libmagic | 2025-12-04 | 6.5 Medium |
| file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference. | ||||
| CVE-2024-27094 | 1 Openzeppelin | 3 Contracts, Contracts Upgradeable, Openzeppelin Contracts | 2025-12-04 | 6.5 Medium |
| OpenZeppelin Contracts is a library for secure smart contract development. The `Base64.encode` function encodes a `bytes` input by iterating over it in chunks of 3 bytes. When this input is not a multiple of 3, the last iteration may read parts of the memory that are beyond the input buffer. The vulnerability is fixed in 5.0.2 and 4.9.6. | ||||
| CVE-2017-13035 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id(). | ||||
| CVE-2017-13034 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). | ||||
| CVE-2017-13031 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print(). | ||||
| CVE-2017-13028 | 3 Debian, Redhat, Tcpdump | 3 Debian Linux, Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). | ||||
| CVE-2017-13025 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). | ||||
| CVE-2017-13024 | 3 Debian, Redhat, Tcpdump | 3 Debian Linux, Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). | ||||
| CVE-2017-13022 | 2 Redhat, Tcpdump | 2 Enterprise Linux, Tcpdump | 2025-12-04 | 9.8 Critical |
| The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute(). | ||||