Search
Total
4471 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36223 | 3 Apple, Debian, Openldap | 4 Mac Os X, Macos, Debian Linux and 1 more | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). | |||||
| CVE-2016-6261 | 3 Canonical, Gnu, Opensuse | 3 Ubuntu Linux, Libidn, Leap | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| The idna_to_ascii_4i function in lib/idna.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via 64 bytes of input. | |||||
| CVE-2017-6004 | 1 Pcre | 1 Pcre | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression. | |||||
| CVE-2017-9050 | 1 Xmlsoft | 1 Libxml2 | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. | |||||
| CVE-2015-8948 | 3 Canonical, Gnu, Opensuse | 4 Ubuntu Linux, Libidn, Leap and 1 more | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read. | |||||
| CVE-2016-6263 | 1 Gnu | 1 Libidn | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| The stringprep_utf8_nfkc_normalize function in lib/nfkc.c in libidn before 1.33 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via crafted UTF-8 data. | |||||
| CVE-2018-16429 | 2 Canonical, Gnome | 2 Ubuntu Linux, Glib | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). | |||||
| CVE-2021-34070 | 1 Tsmuxer Project | 1 Tsmuxer | 2021-06-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Out-of-bounds Read in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file. | |||||
| CVE-2019-8260 | 1 Uvnc | 1 Ultravnc | 2021-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC client RRE decoder code, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200. | |||||
| CVE-2019-8280 | 1 Uvnc | 1 Ultravnc | 2021-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204. | |||||
| CVE-2019-8264 | 1 Uvnc | 1 Ultravnc | 2021-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204. | |||||
| CVE-2019-8261 | 1 Uvnc | 1 Ultravnc | 2021-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC code inside client CoRRE decoder, caused by multiplication overflow. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1200. | |||||
| CVE-2019-8265 | 1 Uvnc | 1 Ultravnc | 2021-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208. | |||||
| CVE-2021-29968 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2021-06-25 | 5.8 MEDIUM | 8.1 HIGH |
| When drawing text onto a canvas with WebRender disabled, an out of bounds read could occur. *This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 89.0.1. | |||||
| CVE-2021-0605 | 1 Google | 1 Android | 2021-06-25 | 4.9 MEDIUM | 4.4 MEDIUM |
| In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476 | |||||
| CVE-2021-0541 | 1 Google | 1 Android | 2021-06-25 | 2.1 LOW | 4.4 MEDIUM |
| In phNxpNciHal_ext_process_nfc_init_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-169258455 | |||||
| CVE-2021-21410 | 1 Contiki-ng | 1 Contiki-ng | 2021-06-24 | 6.4 MEDIUM | 9.1 CRITICAL |
| Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function (<code>uncompress_hdr_iphc</code>) does not perform proper boundary checks when reading from the packet buffer. Hence, it is possible to construct a compressed 6LoWPAN packet that will read more bytes than what is available from the packet buffer. As of time of publication, there is not a release with a patch available. Users can apply the patch for this vulnerability out-of-band as a workaround. | |||||
| CVE-2021-20254 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2021-06-24 | 4.9 MEDIUM | 6.8 MEDIUM |
| A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity. | |||||
| CVE-2021-21777 | 1 Opener Project | 1 Opener | 2021-06-24 | 9.4 HIGH | 10.0 CRITICAL |
| An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. | |||||
| CVE-2021-0563 | 1 Google | 1 Android | 2021-06-24 | 2.1 LOW | 5.5 MEDIUM |
| In ih264e_fmt_conv_422i_to_420sp of ih264e_fmt_conv.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-172908358 | |||||
| CVE-2021-0566 | 1 Google | 1 Android | 2021-06-24 | 2.1 LOW | 4.4 MEDIUM |
| In accessAudioHalPidscpp of TimeCheck.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-175894436 | |||||
| CVE-2021-0556 | 1 Google | 1 Android | 2021-06-24 | 2.1 LOW | 5.5 MEDIUM |
| In getBlockSum of fastcodemb.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-172716941 | |||||
| CVE-2021-0558 | 1 Google | 1 Android | 2021-06-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In fillMainDataBuf of pvmp3_framedecoder.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-173473906 | |||||
| CVE-2021-0559 | 1 Google | 1 Android | 2021-06-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Lag_max of p_ol_wgh.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-172312730 | |||||
| CVE-2021-0562 | 1 Google | 1 Android | 2021-06-24 | 2.1 LOW | 5.5 MEDIUM |
| In RasterIntraUpdate of motion_est.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-176084648 | |||||
| CVE-2021-0516 | 1 Google | 1 Android | 2021-06-23 | 7.5 HIGH | 9.8 CRITICAL |
| In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181660448 | |||||
| CVE-2021-0522 | 1 Google | 1 Android | 2021-06-23 | 5.0 MEDIUM | 7.5 HIGH |
| In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-174182139 | |||||
| CVE-2021-28801 | 1 Qnap | 4 Qss, Qsw-m2108-2c, Qsw-m2108-2s and 1 more | 2021-06-23 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds read vulnerability has been reported to affect certain QNAP switches running QSS. If exploited, this vulnerability allows attackers to read sensitive information on the system. This issue affects: QNAP Systems Inc. QSS versions prior to 1.0.2 build 20210122 on QSW-M2108-2C; versions prior to 1.0.2 build 20210122 on QSW-M2108-2S; versions prior to 1.0.2 build 20210122 on QSW-M2108R-2C. | |||||
| CVE-2021-29155 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2021-06-23 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations. | |||||
| CVE-2021-0504 | 1 Google | 1 Android | 2021-06-22 | 3.3 LOW | 6.5 MEDIUM |
| In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-179162665 | |||||
| CVE-2021-3504 | 3 Debian, Fedoraproject, Redhat | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2021-06-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivex_open function. An attacker could input a specially crafted Windows Registry (hive) file which would cause hivex to read memory beyond its normal bounds or cause the program to crash. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-31498 | 1 Opentext | 1 Brava\! Desktop | 2021-06-21 | 4.3 MEDIUM | 3.3 LOW |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-12744. | |||||
| CVE-2021-31501 | 1 Opentext | 1 Brava\! Desktop | 2021-06-21 | 4.3 MEDIUM | 3.3 LOW |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13310. | |||||
| CVE-2021-3588 | 1 Bluez | 1 Bluez | 2021-06-21 | 2.1 LOW | 3.3 LOW |
| The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. | |||||
| CVE-2020-35519 | 1 Linux | 1 Linux Kernel | 2021-06-18 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
| CVE-2020-11304 | 1 Qualcomm | 318 Apq8009, Apq8009 Firmware, Apq8096au and 315 more | 2021-06-17 | 3.6 LOW | 7.1 HIGH |
| Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11265 | 1 Qualcomm | 52 Ar7420, Ar7420 Firmware, Ar9580 and 49 more | 2021-06-17 | 2.1 LOW | 5.5 MEDIUM |
| Information disclosure issue due to lack of validation of pointer arguments passed to TZ BSP in Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11238 | 1 Qualcomm | 804 Aqt1000, Aqt1000 Firmware, Ar8031 and 801 more | 2021-06-15 | 7.8 HIGH | 7.5 HIGH |
| Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-22753 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious WSP file is being parsed by IGSS Definition. | |||||
| CVE-2021-22757 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of sanity checks on user-supplied input data, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2021-22756 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2021-06-15 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in disclosure of information or remote code execution due to lack of user-supplied data validation, when a malicious CGF file is imported to IGSS Definition. | |||||
| CVE-2020-11161 | 1 Qualcomm | 452 Apq8053, Apq8053 Firmware, Apq8064au and 449 more | 2021-06-15 | 3.6 LOW | 7.1 HIGH |
| Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music | |||||
| CVE-2020-11159 | 1 Qualcomm | 1006 Apq8009, Apq8009 Firmware, Apq8017 and 1003 more | 2021-06-15 | 9.4 HIGH | 9.1 CRITICAL |
| Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame pointer being accessed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11126 | 1 Qualcomm | 782 Apq8096au, Apq8096au Firmware, Aqt1000 and 779 more | 2021-06-14 | 9.4 HIGH | 9.1 CRITICAL |
| Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-10769 | 2 Opensuse, Redhat | 2 Leap, Enterprise Linux | 2021-06-14 | 2.1 LOW | 5.5 MEDIUM |
| A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash. This flaw allows a local attacker with user privileges to cause a denial of service. | |||||
| CVE-2020-26421 | 3 Debian, Fedoraproject, Wireshark | 3 Debian Linux, Fedora, Wireshark | 2021-06-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. | |||||
| CVE-2020-11241 | 1 Qualcomm | 852 Apq8009, Apq8009 Firmware, Apq8096au and 849 more | 2021-06-11 | 7.8 HIGH | 7.5 HIGH |
| Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-29997 | 1 Windriver | 1 Vxworks | 2021-06-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Wind River VxWorks 7 before 21.03. A specially crafted packet may lead to buffer over-read on IKE. | |||||
| CVE-2016-2518 | 7 Debian, Freebsd, Netapp and 4 more | 18 Debian Linux, Freebsd, Clustered Data Ontap and 15 more | 2021-06-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value. | |||||
| CVE-2021-27490 | 3 Datakit, Luxion, Siemens | 6 Crosscadware, Keyshot, Solid Edge Se2020 and 3 more | 2021-06-09 | 6.8 MEDIUM | 7.8 HIGH |
| Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, Step3dRead, Ug3dReadPsr, Jt3dReadPsr modules in KeyShot Versions v10.1 and prior are vulnerable to an out-of-bounds read, which may allow an attacker to execute arbitrary code. | |||||