Total
6546 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21359 | 1 Google | 1 Android | 2023-11-04 | N/A | 4.4 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21379 | 1 Google | 1 Android | 2023-11-03 | N/A | 4.4 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21372 | 1 Google | 1 Android | 2023-11-03 | N/A | 7.8 HIGH |
| In libdexfile, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21347 | 1 Google | 1 Android | 2023-11-03 | N/A | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21368 | 1 Google | 1 Android | 2023-11-02 | N/A | 5.5 MEDIUM |
| In Audio, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-46331 | 1 Webassembly | 1 Webassembly Binary Toolkit | 2023-10-30 | N/A | 5.5 MEDIUM |
| WebAssembly wabt 1.0.33 has an Out-of-Bound Memory Read in DataSegment::IsValidRange(), which leads to a segmentation fault. | |||||
| CVE-2020-22217 | 2 C-ares, Debian | 2 C-ares, Debian Linux | 2023-10-30 | N/A | 5.9 MEDIUM |
| Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. | |||||
| CVE-2023-34044 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2023-10-28 | N/A | 6.0 MEDIUM |
| VMware Workstation (17.x prior to 17.5) and Fusion (13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. | |||||
| CVE-2023-45682 | 1 Nothings | 1 Stb Vorbis.c | 2023-10-26 | N/A | 7.1 HIGH |
| stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds read in `DECODE` macro when `var` is negative. As it can be seen in the definition of `DECODE_RAW` a negative `var` is a valid value. This issue may be used to leak internal memory allocation information. | |||||
| CVE-2023-5059 | 1 Santesoft | 1 Fft Imaging | 2023-10-25 | N/A | 7.8 HIGH |
| Santesoft Sante FFT Imaging lacks proper validation of user-supplied data when parsing DICOM files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2023-35663 | 1 Google | 1 Android | 2023-10-25 | N/A | 7.5 HIGH |
| In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-35656 | 1 Google | 1 Android | 2023-10-25 | N/A | 7.5 HIGH |
| In multiple functions of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2022-23482 | 2 Debian, Neutrinolabs | 2 Debian Linux, Xrdp | 2023-10-24 | N/A | 9.1 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains an Out of Bound Read in the xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23481 | 2 Debian, Neutrinolabs | 2 Debian Linux, Xrdp | 2023-10-24 | N/A | 9.1 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains an Out of Bound Read in the xrdp_caps_process_confirm_active() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23493 | 2 Debian, Neutrinolabs | 2 Debian Linux, Xrdp | 2023-10-24 | N/A | 9.1 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains an Out of Bound Read in the xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23483 | 2 Debian, Neutrinolabs | 2 Debian Linux, Xrdp | 2023-10-24 | N/A | 9.1 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contains an Out of Bound Read in the libxrdp_send_to_channel() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2020-11019 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2023-10-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0. | |||||
| CVE-2020-13397 | 4 Canonical, Debian, Freerdp and 1 more | 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more | 2023-10-24 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. | |||||
| CVE-2020-11018 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2023-10-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0. | |||||
| CVE-2020-11085 | 3 Debian, Freerdp, Opensuse | 3 Debian Linux, Freerdp, Leap | 2023-10-24 | 5.0 MEDIUM | 3.5 LOW |
| In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0. | |||||
