Export limit exceeded: 10225 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 18861 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9150 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40302 | 3 Debian, Frrouting, Redhat | 3 Debian Linux, Frrouting, Enterprise Linux | 2025-01-30 | 6.5 Medium |
| An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. | ||||
| CVE-2023-29942 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType. | ||||
| CVE-2023-29941 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp. | ||||
| CVE-2023-29939 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr). | ||||
| CVE-2023-29934 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect(). | ||||
| CVE-2023-29933 | 1 Llvm | 1 Llvm | 2025-01-29 | 5.5 Medium |
| llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument. | ||||
| CVE-2023-27938 | 1 Apple | 1 Macos | 2025-01-29 | 7.8 High |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution. | ||||
| CVE-2023-27945 | 1 Apple | 1 Xcode | 2025-01-29 | 6.3 Medium |
| This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A sandboxed app may be able to collect system logs. | ||||
| CVE-2023-27929 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-01-29 | 5.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing a maliciously crafted image may result in disclosure of process memory. | ||||
| CVE-2023-30084 | 1 Libming | 1 Libming | 2025-01-29 | 5.5 Medium |
| An issue found in libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the stackVal function in util/decompile.c. | ||||
| CVE-2023-27949 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-01-29 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | ||||
| CVE-2023-27946 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-01-29 | 7.8 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution. | ||||
| CVE-2022-48236 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 4.4 Medium |
| In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2022-39089 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 4.4 Medium |
| In mlog service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2023-29460 | 1 Rockwellautomation | 1 Arena | 2025-01-28 | 7.8 High |
| An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow potentially resulting in a complete loss of confidentiality, integrity, and availability. | ||||
| CVE-2023-29461 | 1 Rockwellautomation | 1 Arena | 2025-01-28 | 7.8 High |
| An arbitrary code execution vulnerability contained in Rockwell Automation's Arena Simulation software was reported that could potentially allow a malicious user to commit unauthorized arbitrary code to the software by using a memory buffer overflow in the heap. potentially resulting in a complete loss of confidentiality, integrity, and availability. | ||||
| CVE-2022-47334 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | 4.4 Medium |
| In phasecheck server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2023-30985 | 1 Siemens | 1 Solid Edge Se2023 | 2025-01-28 | 3.3 Low |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19426) | ||||
| CVE-2021-46794 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | 7.5 High |
| Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service. | ||||
| CVE-2021-46749 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | 7.5 High |
| Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of service. | ||||