Total: 6546 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-24348 | 1 F5 | 1 Njs | 2022-04-15 | 2.1 LOW | 5.5 MEDIUM |
| njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c. | |||||
| CVE-2020-24347 | 1 F5 | 1 Njs | 2022-04-15 | 2.1 LOW | 5.5 MEDIUM |
| njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c. | |||||
| CVE-2021-32950 | 2 Opendesign, Siemens | 4 Drawings Sdk, Comos, Jt2go and 1 more | 2022-04-15 | 5.8 MEDIUM | 7.1 HIGH |
| An out-of-bounds read issue exists within the parsing of DXF files in the Drawings SDK (All versions prior to 2022.4) resulting from the lack of proper validation of user-supplied data. This can result in a read past the end of an allocated buffer and allows attackers to cause a denial-of-service condition or read sensitive information from memory locations. | |||||
| CVE-2022-1297 | 1 Radare | 1 Radare2 | 2022-04-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash. | |||||
| CVE-2022-1296 | 1 Radare | 1 Radare2 | 2022-04-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash. | |||||
| CVE-2016-7410 | 1 Libdwarf Project | 1 Libdwarf | 2022-04-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| The _dwarf_read_loc_section function in dwarf_loc.c in libdwarf 20160613 allows attackers to cause a denial of service (buffer over-read) via a crafted file. | |||||
| CVE-2021-35117 | 1 Qualcomm | 204 Apq8096au, Apq8096au Firmware, Aqt1000 and 201 more | 2022-04-09 | 9.4 HIGH | 9.1 CRITICAL |
| An out-of-bounds read may potentially occur while processing an IBSS beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music. | |||||
| CVE-2022-1207 | 1 Radare | 1 Radare2 | 2022-04-08 | 4.3 MEDIUM | 6.6 MEDIUM |
| Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary. | |||||
| CVE-2021-26623 | 2 Bandisoft, Microsoft | 2 Bandizip, Windows | 2022-04-08 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in the ark library due to an incomplete check of the length value of the 'xheader_decode_path_record' function's parameter. Remote attackers can use this function to execute malicious code. | |||||
| CVE-2020-28097 | 2 Linux, Netapp | 18 Linux Kernel, Cloud Backup, H300e and 15 more | 2022-04-06 | 3.6 LOW | 5.9 MEDIUM |
| The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85. | |||||
| CVE-2019-9640 | 6 Canonical, Debian, Netapp and 3 more | 6 Ubuntu Linux, Debian Linux, Storage Automation Store and 3 more | 2022-04-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn. | |||||
| CVE-2019-9638 | 6 Canonical, Debian, Netapp and 3 more | 6 Ubuntu Linux, Debian Linux, Storage Automation Store and 3 more | 2022-04-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len. | |||||
| CVE-2022-23937 | 1 Windriver | 1 Vxworks | 2022-04-05 | 5.0 MEDIUM | 7.5 HIGH |
| In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario. | |||||
| CVE-2021-39774 | 1 Google | 1 Android | 2022-04-05 | 2.1 LOW | 5.5 MEDIUM |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12L. Android ID: A-205989472 | |||||
| CVE-2018-17974 | 1 Broadcom | 1 Tcpreplay | 2022-04-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx->l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service. | |||||
| CVE-2018-17582 | 1 Broadcom | 1 Tcpreplay | 2022-04-02 | 5.8 MEDIUM | 7.1 HIGH |
| Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file. | |||||
| CVE-2018-20553 | 1 Broadcom | 1 Tcpreplay | 2022-04-02 | 6.8 MEDIUM | 7.8 HIGH |
| Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c. | |||||
| CVE-2018-13112 | 1 Broadcom | 1 Tcpreplay | 2022-04-02 | 5.0 MEDIUM | 7.5 HIGH |
| get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep. | |||||
| CVE-2018-17580 | 1 Broadcom | 1 Tcpreplay | 2022-04-02 | 5.8 MEDIUM | 7.1 HIGH |
| A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file. | |||||
| CVE-2018-20552 | 1 Broadcom | 1 Tcpreplay | 2022-04-02 | 6.8 MEDIUM | 7.8 HIGH |
| Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c. | |||||
