Vulnerabilities (CVE)

Filtered by CWE-125
Total 6480 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-45466 1 Siemens 1 Tecnomatix Plant Simulation 2024-10-15 N/A 7.8 HIGH
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
CVE-2024-48958 1 Libarchive 1 Libarchive 2024-10-11 N/A 7.8 HIGH
execute_filter_delta in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
CVE-2024-48957 1 Libarchive 1 Libarchive 2024-10-11 N/A 7.8 HIGH
execute_filter_audio in archive_read_support_format_rar.c in libarchive before 3.7.5 allows out-of-bounds access via a crafted archive file because src can move beyond dst.
CVE-2024-47420 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-10-10 N/A 5.5 MEDIUM
Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-47419 3 Adobe, Apple, Microsoft 3 Animate, Macos, Windows 2024-10-10 N/A 5.5 MEDIUM
Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-20102 2 Google, Mediatek 9 Android, Mt3605, Mt6985 and 6 more 2024-10-10 N/A 4.9 MEDIUM
In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998892; Issue ID: MSV-1601.
CVE-2024-7670 1 Autodesk 1 Navisworks 2024-10-07 N/A 7.8 HIGH
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVE-2024-44912 1 Nasa 1 Cryptolib 2024-10-07 N/A 7.5 HIGH
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TM subsystem (crypto_tm.c).
CVE-2024-44911 1 Nasa 1 Cryptolib 2024-10-07 N/A 7.5 HIGH
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the TC subsystem (crypto_aos.c).
CVE-2024-44910 1 Nasa 1 Cryptolib 2024-10-07 N/A 7.5 HIGH
NASA CryptoLib v1.3.0 was discovered to contain an Out-of-Bounds read via the AOS subsystem (crypto_aos.c).
CVE-2024-0116 2024-10-04 N/A 4.9 MEDIUM
NVIDIA Triton Inference Server contains a vulnerability where a user may cause an out-of-bounds read issue by releasing a shared memory region while it is in use. A successful exploit of this vulnerability may lead to denial of service.
CVE-2024-8159 2024-10-04 N/A 6.4 MEDIUM
Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver.
CVE-2024-41595 2024-10-04 N/A 8.0 HIGH
DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations.
CVE-2024-6876 1 Codesys 1 Oscat Basic Library 2024-10-01 N/A 4.4 MEDIUM
Out-of-Bounds read vulnerability in OSCAT Basic Library allows an local, unprivileged attacker to access limited internal data of the PLC which may lead to a crash of the affected service.
CVE-2024-39434 2 Google, Unisoc 10 Android, S8000, T606 and 7 more 2024-09-30 N/A 4.4 MEDIUM
In drm service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2024-36981 1 Openplcproject 1 Openplc V3 Firmware 2024-09-26 N/A 7.5 HIGH
An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.This is the final instance of the incorrect comparison.
CVE-2024-36980 1 Openplcproject 1 Openplc V3 Firmware 2024-09-26 N/A 7.5 HIGH
An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLC_v3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.This is the first instance of the incorrect comparison.
CVE-2024-44161 1 Apple 1 Macos 2024-09-26 N/A 5.5 MEDIUM
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted texture may lead to unexpected app termination.
CVE-2024-46731 1 Linux 1 Linux Kernel 2024-09-26 N/A 7.1 HIGH
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mc_data[] when i = 0.
CVE-2024-27880 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2024-09-24 N/A 5.5 MEDIUM
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. Processing a maliciously crafted file may lead to unexpected app termination.