Total
9391 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-51602 | 1 Videolan | 1 Vlc Media Player | 2026-04-15 | 4.8 Medium |
| mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server. | ||||
| CVE-2025-53367 | 2026-04-15 | N/A | ||
| DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting in a heap corruption condition. An out-of-bounds read with pr is also possible for the same reason. This issue has been patched in version 3.5.29. | ||||
| CVE-2025-49849 | 2026-04-15 | N/A | ||
| An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data structures. | ||||
| CVE-2025-22392 | 1 Intel | 2 Amt, Standard Manageability | 2026-04-15 | 4.4 Medium |
| Out-of-bounds read in firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via network access. | ||||
| CVE-2025-37149 | 1 Hpe | 1 Proliant Rl300 Gen11 | 2026-04-15 | 6 Medium |
| A potential out-of-bound reads vulnerability in HPE ProLiant RL300 Gen11 Server's UEFI firmware. | ||||
| CVE-2025-36521 | 1 Microdicom | 1 Dicom Viewer | 2026-04-15 | 8.8 High |
| MicroDicom DICOM Viewer is vulnerable to an out-of-bounds read which may allow an attacker to cause memory corruption within the application. The user must open a malicious DCM file for exploitation. | ||||
| CVE-2025-8351 | 2 Apple, Avast | 2 Macos, Antivirus | 2026-04-15 | 9 Critical |
| Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast Antivirus on MacOS when scanning a malformed file may allow Local Execution of Code or Denial-of-Service of the anitvirus engine process.This issue affects Antivirus: from 8.3.70.94 before 8.3.70.98. | ||||
| CVE-2025-32412 | 2026-04-15 | 7.8 High | ||
| Fuji Electric Smart EditorĀ is vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2024-36254 | 1 Sharp | 49 Bp-30c25, Bp-30c25t, Bp-30c25y and 46 more | 2026-04-15 | 7.5 High |
| Out-of-bounds read vulnerability exists in Sharp Corporation and Toshiba Tec Corporation multiple MFPs (multifunction printers), which may lead to a denial-of-service (DoS) condition. | ||||
| CVE-2024-36251 | 1 Sharp | 22 Bp-b537wr, Bp-b540wr, Bp-b547wd and 19 more | 2026-04-15 | 7.5 High |
| The web interface of the affected devices process some crafted HTTP requests improperly, leading to a device crash. More precisely, a crafted parameter to billcodedef_sub_sel.html is not processed properly and device-crash happens. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References]. | ||||
| CVE-2024-56083 | 2026-04-15 | 8.1 High | ||
| Cognition Devin before 2024-12-12 provides write access to code by an attacker who discovers the https://vscode-randomly_generated_string.devinapps.com URL (aka the VSCode live share URL) for a specific "Use Devin's Machine" session. For example, this URL may be discovered if a customer posts a screenshot of a Devin session to social media, or publicly streams their Devin session. | ||||
| CVE-2025-27940 | 1 Intel | 1 Tdx Module | 2026-04-15 | 4.1 Medium |
| Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2025-5941 | 1 Netskope | 1 Netskope | 2026-04-15 | N/A |
| Netskope is notified about a potential gap in its agent (NS Client) in which a malicious actor could trigger a memory leak by sending a crafted DNS packet to a machine. A successful exploitation may require administrative privileges on the machine, based on the exact configuration. A successful exploit can potentially result in user-controllable memory being leaked in a domain name stored on the local machine. | ||||
| CVE-2024-37877 | 1 Ueranism | 1 Ueranism | 2026-04-15 | 5.5 Medium |
| UERANSIM before 3.2.6 allows out-of-bounds read when a RLS packet is sent to gNodeB with malformed PDU length. This occurs in function readOctetString in src/utils/octet_view.cpp and in function DecodeRlsMessage in src/lib/rls/rls_pdu.cpp | ||||
| CVE-2025-4098 | 2026-04-15 | N/A | ||
| Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape. | ||||
| CVE-2025-20101 | 1 Intel | 1 Graphics Drivers | 2026-04-15 | 8.4 High |
| Out-of-bounds read for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable information disclosure or denial of service via local access. | ||||
| CVE-2023-43692 | 1 Malwarebytes | 1 Malwarebytes | 2026-04-15 | 7.5 High |
| An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). Out-of-bound reads in strings detection utilities lead to system crashes. | ||||
| CVE-2024-32667 | 2026-04-15 | 3.9 Low | ||
| Out-of-bounds read for some OpenCL(TM) software may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2024-0117 | 1 Nvidia | 3 Cloud Gaming Guest, Gpu Display Driver, Virtual Gpu | 2026-04-15 | 7.8 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-23050 | 1 Qt | 1 Qt | 2026-04-15 | 3.1 Low |
| QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to an out-of-bounds read (or division by zero). This is fixed in 5.15.19, 6.5.9, and 6.8.2. | ||||