Total
9149 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4778 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4758 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4721 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-4156 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Gawk, Enterprise Linux | 2024-11-21 | 4.4 Medium |
| A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information. | ||||
| CVE-2023-4135 | 3 Fedoraproject, Qemu, Redhat | 4 Fedora, Qemu, Advanced Virtualization and 1 more | 2024-11-21 | 6 Medium |
| A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed. | ||||
| CVE-2023-4020 | 1 Silabs | 1 Gecko Software Development Kit | 2024-11-21 | 9 Critical |
| An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory. | ||||
| CVE-2023-49118 | 1 Openatom | 1 Openharmony | 2024-11-21 | 2.9 Low |
| in OpenHarmony v3.2.4 and prior versions allow a local attacker causes information leak through out-of-bounds Read. | ||||
| CVE-2023-48736 | 1 Color | 1 Demoiccmax | 2024-11-21 | 6.5 Medium |
| In International Color Consortium DemoIccMAX 3e7948b, CIccCLUT::Interp2d in IccTagLut.cpp in libSampleICC.a has an out-of-bounds read. | ||||
| CVE-2023-48638 | 1 Adobe | 1 Substance 3d Designer | 2024-11-21 | 5.5 Medium |
| Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-48637 | 1 Adobe | 1 Substance 3d Designer | 2024-11-21 | 5.5 Medium |
| Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-48636 | 1 Adobe | 1 Substance 3d Designer | 2024-11-21 | 5.5 Medium |
| Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-48635 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-21 | 5.5 Medium |
| Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-48422 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-48415 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In Init of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-48413 | 1 Google | 1 Android | 2024-11-21 | 4.9 Medium |
| In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-48411 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In SignalStrengthAdapter::FillGsmSignalStrength() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | ||||
| CVE-2023-48410 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In cd_ParseMsg of cd_codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-48408 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In ProtocolNetSimFileInfoAdapter() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | ||||
| CVE-2023-48404 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In ProtocolMiscCarrierConfigSimInfoIndAdapter of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-48401 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In GetSizeOfEenlRecords of protocoladapter.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||