Total
6137 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-34629 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary with text common object in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34628 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary with path in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34627 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in parsing implemention in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34626 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying own binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34625 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying connection point in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34631 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying new binary in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34621 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary with data in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-34624 | 1 Samsung | 1 Notes | 2024-08-09 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying paragraphs in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially read memory. | |||||
| CVE-2024-0107 | 2024-08-08 | N/A | 7.8 HIGH | ||
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | |||||
| CVE-2024-0102 | 2024-08-08 | N/A | 3.3 LOW | ||
| NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm, where an attacker can cause an out-of-bounds read issue by deceiving a user into reading a malformed ELF file. A successful exploit of this vulnerability might lead to denial of service. | |||||
| CVE-2013-3245 | 1 Videolan | 1 Vlc Media Player | 2024-08-06 | 6.8 MEDIUM | 6.3 MEDIUM |
| plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer overflow, or an uncaught exception. NOTE: the vendor disputes the severity and claimed vulnerability type of this issue, stating "This PoC crashes VLC, indeed, but does nothing more... this is not an integer overflow error, but an uncaught exception and I doubt that it is exploitable. This uncaught exception makes VLC abort, not execute random code, on my Linux 64bits machine." A PoC posted by the original researcher shows signs of an attacker-controlled out-of-bounds read, but the affected instruction does not involve a register that directly influences control flow | |||||
| CVE-2014-3180 | 2 Google, Linux | 2 Chrome Os, Linux Kernel | 2024-08-06 | 6.4 MEDIUM | 9.1 CRITICAL |
| In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable | |||||
| CVE-2024-28579 | 2024-08-05 | N/A | 6.2 MEDIUM | ||
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_Unload() function when reading images in HDR format. | |||||
| CVE-2017-6363 | 1 Libgd | 1 Libgd | 2024-08-05 | 5.8 MEDIUM | 8.1 HIGH |
| In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says "In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.' | |||||
| CVE-2018-15161 | 1 Libesedb Project | 1 Libesedb | 2024-08-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| The libesedb_key_append_data function in libesedb_key.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments | |||||
| CVE-2018-15160 | 1 Libesedb Project | 1 Libesedb | 2024-08-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| The libesedb_catalog_definition_read function in libesedb_catalog_definition.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments | |||||
| CVE-2018-15159 | 1 Libesedb Project | 1 Libesedb | 2024-08-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| The libesedb_page_read_tags function in libesedb_page.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments | |||||
| CVE-2018-15158 | 1 Libesedb Project | 1 Libesedb | 2024-08-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| The libesedb_page_read_values function in libesedb_page.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments | |||||
| CVE-2018-15157 | 1 Libfsclfs Project | 1 Libfsclfs | 2024-08-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| The libfsclfs_block_read function in libfsclfs_block.c in libfsclfs before 2018-07-25 allows remote attackers to cause a heap-based buffer over-read via a crafted clfs file. NOTE: the vendor has disputed this as described in the GitHub issue comments | |||||
| CVE-2018-12098 | 1 Liblnk Project | 1 Liblnk | 2024-08-05 | 1.9 LOW | 5.5 MEDIUM |
| The liblnk_data_block_read function in liblnk_data_block.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file. NOTE: the vendor has disputed this as described in libyal/liblnk issue 33 on GitHub | |||||