Total
7643 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54116 | 1 Huawei | 1 Harmonyos | 2024-12-12 | 4.3 Medium |
| Out-of-bounds read vulnerability in the M3U8 module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | ||||
| CVE-2024-54115 | 1 Huawei | 1 Harmonyos | 2024-12-12 | 4.3 Medium |
| Out-of-bounds read vulnerability in the DASH module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-54114 | 1 Huawei | 1 Harmonyos | 2024-12-12 | 4.4 Medium |
| Out-of-bounds access vulnerability in playback in the DASH module Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-44237 | 1 Apple | 2 Mac Os, Macos | 2024-12-12 | 6.5 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Processing a maliciously crafted file may lead to unexpected app termination. | ||||
| CVE-2023-32542 | 1 Fujielectric | 2 Tellus, Tellus Lite | 2024-12-12 | 7.8 High |
| Out-of-bounds read vulnerability exists in TELLUS v4.0.15.0 and TELLUS Lite v4.0.15.0. Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution. | ||||
| CVE-2024-53004 | 1 Adobe | 1 Substance 3d Modeler | 2024-12-12 | 5.5 Medium |
| Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-53005 | 1 Adobe | 1 Substance 3d Modeler | 2024-12-12 | 5.5 Medium |
| Substance3D - Modeler versions 1.14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-44283 | 1 Apple | 1 Macos | 2024-12-12 | 6.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a maliciously crafted file may lead to an unexpected app termination. | ||||
| CVE-2024-41871 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-12-12 | 5.5 Medium |
| Media Encoder versions 24.5, 23.6.8 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-33056 | 1 Qualcomm | 662 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 659 more | 2024-12-12 | 8.4 High |
| Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | ||||
| CVE-2024-37401 | 2024-12-12 | N/A | ||
| An out-of-bounds read in IPsec of Ivanti Connect Secure before version 22.7R2.1 allows a remote unauthenticated attacker to cause a denial of service. | ||||
| CVE-2024-44279 | 1 Apple | 1 Macos | 2024-12-11 | 6.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. Parsing a file may lead to disclosure of user information. | ||||
| CVE-2024-9978 | 1 Openatom | 1 Openharmony | 2024-12-11 | 5.5 Medium |
| in OpenHarmony v4.1.1 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2024-54937 | 1 Lopalopa | 1 E-learning Management System | 2024-12-11 | 5.3 Medium |
| A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/assets. | ||||
| CVE-2024-53589 | 2024-12-11 | 8.4 High | ||
| GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files. | ||||
| CVE-2024-12082 | 1 Openatom | 1 Openharmony | 2024-12-11 | 5.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2023-35862 | 1 Libcoap | 1 Libcoap | 2024-12-11 | 6.5 Medium |
| libcoap 4.3.1 contains a buffer over-read via the function coap_parse_oscore_conf_mem at coap_oscore.c. | ||||
| CVE-2024-54938 | 2024-12-11 | 7.5 High | ||
| A Directory Listing issue was found in Kashipara E-Learning Management System v1.0, which allows remote attackers to access sensitive files and directories via /admin/uploads. | ||||
| CVE-2024-53450 | 2024-12-11 | 7.5 High | ||
| RAGFlow 0.13.0 suffers from improper access control in document-hooks.ts, allowing unauthorized access to user documents. | ||||
| CVE-2024-53242 | 2024-12-10 | 7.8 High | ||
| A vulnerability has been identified in Teamcenter Visualization V14.2 (All versions < V14.2.0.14), Teamcenter Visualization V14.3 (All versions < V14.3.0.12), Teamcenter Visualization V2312 (All versions < V2312.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0016), Tecnomatix Plant Simulation V2404 (All versions < V2404.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-25206) | ||||