Total
7826 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34658 | 1 Samsung | 1 Notes | 2024-09-05 | 4 Medium |
| Out-of-bounds read in Samsung Notes allows local attackers to bypass ASLR. | ||||
| CVE-2024-33047 | 1 Qualcomm | 50 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 47 more | 2024-09-05 | 8.4 High |
| Memory corruption when the captureRead QDCM command is invoked from user-space. | ||||
| CVE-2024-33048 | 1 Qualcomm | 394 Ar8035, Ar8035 Firmware, Csr8811 and 391 more | 2024-09-04 | 7.5 High |
| Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. | ||||
| CVE-2024-33051 | 1 Qualcomm | 637 315 5g Iot, 315 5g Iot Firmware, 315 5g Iot Modem Firmware and 634 more | 2024-09-04 | 7.5 High |
| Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. | ||||
| CVE-2024-38382 | 1 Openatom | 1 Openharmony | 2024-09-04 | 5.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2024-33050 | 1 Qualcomm | 541 Ar8035, Ar8035 Firmware, Ar9380 and 538 more | 2024-09-04 | 7.5 High |
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. | ||||
| CVE-2024-33057 | 1 Qualcomm | 356 Ar8035, Ar8035 Firmware, Csr8811 and 353 more | 2024-09-04 | 7.5 High |
| Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. | ||||
| CVE-2024-39612 | 1 Openatom | 1 Openharmony | 2024-09-04 | 5.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2024-39775 | 1 Openatom | 1 Openharmony | 2024-09-04 | 6.5 Medium |
| in OpenHarmony v4.1.0 and prior versions allow a remote attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2024-7537 | 1 Ofono Project | 1 Ofono | 2024-08-29 | 5.5 Medium |
| oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SMS message lists. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-23157. | ||||
| CVE-2024-7966 | 1 Google | 1 Chrome | 2024-08-27 | 8.8 High |
| Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-42143 | 2024-08-22 | 5.1 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-28074 | 1 Dell | 2 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite | 2024-08-20 | 6.2 Medium |
| Dell BSAFE Crypto-C Micro Edition, version 4.1.5, and Dell BSAFE Micro Edition Suite, versions 4.0 through 4.6.1 and version 5.0, contains an Out-of-bounds Read vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Information exposure. | ||||
| CVE-2024-20790 | 1 Adobe | 1 Dimension | 2024-08-19 | 5.5 Medium |
| Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-34125 | 1 Adobe | 1 Dimension | 2024-08-19 | 5.5 Medium |
| Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-34126 | 1 Adobe | 1 Dimension | 2024-08-19 | 5.5 Medium |
| Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-39387 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2024-08-19 | 5.5 Medium |
| Bridge versions 13.0.8, 14.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-41854 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-08-19 | 5.5 Medium |
| InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-39393 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-08-19 | 7.8 High |
| InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-42478 | 1 Ggerganov | 1 Llama.cpp | 2024-08-16 | 5.3 Medium |
| llama.cpp provides LLM inference in C/C++. The unsafe `data` pointer member in the `rpc_tensor` structure can cause arbitrary address reading. This vulnerability is fixed in b3561. | ||||