Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-125
Total 4813 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-25665 2 Debian, Imagemagick 2 Debian Linux, Imagemagick 2023-03-11 4.3 MEDIUM 5.5 MEDIUM
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on in the routine. The patch adds 256 to bytes_per_row in the call to AcquireQuantumMemory(). This could cause impact to reliability. This flaw affects ImageMagick versions prior to 7.0.8-68.
CVE-2023-1018 1 Trustedcomputinggroup 1 Trusted Platform Module 2023-03-10 N/A 5.5 MEDIUM
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
CVE-2022-4203 1 Openssl 1 Openssl 2023-03-09 N/A 4.9 MEDIUM
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
CVE-2022-42833 1 Apple 1 Macos 2023-03-08 N/A 7.8 HIGH
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.
CVE-2022-35265 1 Robustel 2 R1510, R1510 Firmware 2023-03-07 N/A 7.5 HIGH
A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_nodejs_app/` API.
CVE-2022-37032 2 Debian, Frrouting 2 Debian Linux, Frrouting 2023-03-07 N/A 9.1 CRITICAL
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.
CVE-2022-32830 1 Apple 3 Ipados, Iphone Os, Tvos 2023-03-07 N/A 7.5 HIGH
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information.
CVE-2023-26253 1 Gluster 1 Glusterfs 2023-03-07 N/A 7.5 HIGH
In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read.
CVE-2023-20948 1 Google 1 Android 2023-03-06 N/A 7.5 HIGH
In dropFramesUntilIframe of AAVCAssembler.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L Android-13Android ID: A-230630526
CVE-2022-35729 2 Intel, Openbmc-project 58 C621a, C624a, C627a and 55 more 2023-03-06 N/A 7.5 HIGH
Out of bounds read in firmware for OpenBMC in some Intel(R) platforms before version 0.72 may allow unauthenticated user to potentially enable denial of service via network access.
CVE-2022-30339 1 Intel 1 Integrated Sensor Solution 2023-03-06 N/A 4.4 MEDIUM
Out-of-bounds read in firmware for the Intel(R) Integrated Sensor Solution before versions 5.4.2.4579v3, 5.4.1.4479 and 5.0.0.4143 may allow a privileged user to potentially enable denial of service via local access.
CVE-2022-30531 2 Intel, Microsoft 2 Iris Xe Max Dedicated Graphics, Windows 2023-03-06 N/A 5.5 MEDIUM
Out-of-bounds read in the Intel(R) Iris(R) Xe MAX drivers for Windows before version 100.0.5.1474 may allow a privileged user to potentially enable information disclosure via local access.
CVE-2019-12083 3 Fedoraproject, Opensuse, Rust-lang 3 Fedora, Leap, Rust 2023-03-03 6.8 MEDIUM 8.1 HIGH
The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities in safe code (e.g., out-of-bounds write or read). Code that does not manually implement Error::type_id is unaffected.
CVE-2019-13616 6 Canonical, Debian, Fedoraproject and 3 more 13 Ubuntu Linux, Debian Linux, Fedora and 10 more 2023-03-03 5.8 MEDIUM 8.1 HIGH
SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c.
CVE-2019-13513 1 Deltaww 1 Delta Industrial Automation Dopsoft 2023-03-03 6.8 MEDIUM 7.8 HIGH
In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior, processing a specially crafted project file may trigger multiple out-of-bounds read vulnerabilities, which may allow information disclosure, remote code execution, or crash of the application.
CVE-2019-14380 2 Debian, Openmpt 2 Debian Linux, Libopenmpt 2023-03-03 4.3 MEDIUM 6.5 MEDIUM
libopenmpt before 0.4.5 allows a crash during playback due to an out-of-bounds read in XM and MT2 files.
CVE-2019-15141 2 Imagemagick, Opensuse 2 Imagemagick, Leap 2023-03-03 4.3 MEDIUM 6.5 MEDIUM
WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows attackers to cause a denial-of-service (application crash resulting from a heap-based buffer over-read) via a crafted TIFF image file, related to TIFFRewriteDirectory, TIFFWriteDirectory, TIFFWriteDirectorySec, and TIFFWriteDirectoryTagColormap in tif_dirwrite.c of LibTIFF. NOTE: this occurs because of an incomplete fix for CVE-2019-11597.
CVE-2019-13512 1 Fujielectric 1 Frenic Loader 2023-03-03 4.3 MEDIUM 3.3 LOW
Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out-of-bounds read vulnerability, which may allow an attacker to read limited information from the device.
CVE-2022-35409 2 Arm, Debian 2 Mbed Tls, Debian Linux 2023-03-03 N/A 9.1 CRITICAL
An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function.
CVE-2019-14513 2 Debian, Thekelleys 2 Debian Linux, Dnsmasq 2023-03-03 5.0 MEDIUM 7.5 HIGH
Improper bounds checking in Dnsmasq before 2.76 allows an attacker controlled DNS server to send large DNS packets that result in a read operation beyond the buffer allocated for the packet, a different vulnerability than CVE-2017-14491.