Total
4813 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-46867 | 1 Huawei | 2 Emui, Harmonyos | 2023-01-12 | N/A | 7.5 HIGH |
| The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory access. | |||||
| CVE-2022-4433 | 1 Lenovo | 2 Thinkpas X13s, Thinkpas X13s Firmware | 2023-01-11 | N/A | 4.4 MEDIUM |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | |||||
| CVE-2022-4432 | 1 Lenovo | 2 Thinkpas X13s, Thinkpas X13s Firmware | 2023-01-11 | N/A | 4.4 MEDIUM |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS PersistenceConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | |||||
| CVE-2021-33644 | 3 Fedoraproject, Feep, Huawei | 3 Fedora, Libtar, Openeuler | 2023-01-11 | N/A | 8.1 HIGH |
| An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read. | |||||
| CVE-2022-4435 | 1 Lenovo | 2 Thinkpas X13s, Thinkpas X13s Firmware | 2023-01-11 | N/A | 4.4 MEDIUM |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | |||||
| CVE-2020-36426 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2023-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte). | |||||
| CVE-2022-44442 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-01-10 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-44441 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-01-10 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-44440 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-01-10 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-44446 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-01-10 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-44445 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-01-10 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-44443 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-01-10 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42267 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-01-10 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability where a regular user can cause an out-of-bounds read, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | |||||
| CVE-2022-46360 | 1 Fujielectric | 2 Tellus, V-sft | 2023-01-10 | N/A | 7.8 HIGH |
| Out-of-bounds read vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||||
| CVE-2019-6568 | 1 Siemens | 100 Cp1604, Cp1604 Firmware, Cp1616 and 97 more | 2023-01-10 | 5.0 MEDIUM | 7.5 HIGH |
| The webserver of the affected devices contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation which leads to a restart of the webserver of the affected device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise availability of the device. | |||||
| CVE-2022-41645 | 1 Fujielectric | 1 V-server | 2023-01-09 | N/A | 7.8 HIGH |
| Out-of-bounds read vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file. | |||||
| CVE-2021-21200 | 1 Google | 1 Chrome | 2023-01-09 | N/A | 5.4 MEDIUM |
| Out of bounds read in WebUI Settings in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chrome security severity: Low) | |||||
| CVE-2020-28608 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2023-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() store_fc(). | |||||
| CVE-2020-28612 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2023-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->svertices_begin(). | |||||
| CVE-2020-28624 | 2 Cgal, Debian | 2 Computational Geometry Algorithms Library, Debian Linux | 2023-01-09 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SEdge_of. | |||||