ReportizFlow
Filtered by vendor
Subscriptions
Total
8230 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27161 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-28 | 7.8 High |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27163 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-28 | 5.5 Medium |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27164 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-28 | 5.5 Medium |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-24431 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-28 | 5.5 Medium |
| Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-31617 | 2 Microsoft, Nvidia | 7 Windows, Cloud Gaming Guest, Geforce and 4 more | 2025-04-28 | 7.8 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | ||||
| CVE-2024-9827 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-25 | 7.8 High |
| A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2022-45909 | 1 Drachtio | 1 Drachtio-server | 2025-04-25 | 9.1 Critical |
| drachtio-server before 0.8.19 has a heap-based buffer over-read via a long Request-URI in an INVITE request. | ||||
| CVE-2024-20071 | 2 Mediatek, Openwrt | 5 Mt6890, Mt6990, Mt7622 and 2 more | 2025-04-25 | 4.4 Medium |
| In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364733; Issue ID: MSV-1331. | ||||
| CVE-2024-54938 | 1 Lopalopa | 1 E-learning Management System | 2025-04-24 | 7.5 High |
| A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads. | ||||
| CVE-2023-50927 | 1 Contiki-ng | 1 Contiki-ng | 2025-04-24 | 8.6 High |
| Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for DIO and DAO messages, in particular when they contain RPL sub-option headers. The problem has been patched in Contiki-NG 4.9. Users are advised to upgrade. Users unable to upgrade should manually apply the code changes in PR #2484. | ||||
| CVE-2024-20107 | 5 Google, Linuxfoundation, Mediatek and 2 more | 24 Android, Yocto, Mt6781 and 21 more | 2025-04-24 | 6.2 Medium |
| In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09124360; Issue ID: MSV-1823. | ||||
| CVE-2022-45315 | 1 Mikrotik | 1 Routeros | 2025-04-24 | 9.8 Critical |
| Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2022-45313 | 1 Mikrotik | 1 Routeros | 2025-04-24 | 8.8 High |
| Mikrotik RouterOs before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message. | ||||
| CVE-2022-39130 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | 5.5 Medium |
| In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | ||||
| CVE-2022-42774 | 2 Google, Unisoc | 14 Android, S8002, Sc7731e and 11 more | 2025-04-23 | 5.5 Medium |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | ||||
| CVE-2022-42773 | 2 Google, Unisoc | 14 Android, S8001, Sc7731e and 11 more | 2025-04-23 | 5.5 Medium |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | ||||
| CVE-2022-42768 | 2 Google, Unisoc | 14 Android, S8013, Sc7731e and 11 more | 2025-04-23 | 4.3 Medium |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | ||||
| CVE-2021-21050 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2025-04-23 | N/A |
| Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2021-21049 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2025-04-23 | N/A |
| Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2020-28601 | 3 Cgal, Debian, Fedoraproject | 3 Computational Geometry Algorithms Library, Debian Linux, Fedora | 2025-04-23 | 9.8 Critical |
| A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability. | ||||