Total
4813 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-14125 | 1 Mi | 3 Miui, Redmi Note 11, Redmi Note 9t | 2022-06-14 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by out-of-bound read/write and can be exploited by attackers to make denial of service. | |||||
| CVE-2020-27842 | 5 Debian, Fedoraproject, Oracle and 2 more | 11 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 8 more | 2022-06-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. An attacker who is able to provide crafted input to be processed by openjpeg could cause a null pointer dereference. The highest impact of this flaw is to application availability. | |||||
| CVE-2019-9169 | 4 Canonical, Gnu, Mcafee and 1 more | 6 Ubuntu Linux, Glibc, Web Gateway and 3 more | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match. | |||||
| CVE-2022-21756 | 2 Google, Mediatek | 36 Android, Mt6833, Mt6853 and 33 more | 2022-06-13 | 2.1 LOW | 4.4 MEDIUM |
| In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535950; Issue ID: ALPS06535950. | |||||
| CVE-2022-21755 | 2 Google, Mediatek | 64 Android, Mt6731, Mt6732 and 61 more | 2022-06-13 | 2.1 LOW | 4.4 MEDIUM |
| In WLAN driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545464; Issue ID: ALPS06545464. | |||||
| CVE-2022-21747 | 2 Google, Mediatek | 23 Android, Mt6771, Mt6779 and 20 more | 2022-06-13 | 2.1 LOW | 4.4 MEDIUM |
| In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478078; Issue ID: ALPS06478078. | |||||
| CVE-2022-21746 | 2 Google, Mediatek | 17 Android, Mt6771, Mt6779 and 14 more | 2022-06-13 | 2.1 LOW | 4.4 MEDIUM |
| In imgsensor, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06479698; Issue ID: ALPS06479698. | |||||
| CVE-2019-5032 | 1 Aspose | 1 Aspose.cells | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2022-31796 | 1 Jpeg | 1 Libjpeg | 2022-06-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use. | |||||
| CVE-2022-1987 | 1 Libmobi Project | 1 Libmobi | 2022-06-11 | 5.8 MEDIUM | 8.1 HIGH |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | |||||
| CVE-2022-32200 | 1 Libdwarf Project | 1 Libdwarf | 2022-06-10 | 6.8 MEDIUM | 7.8 HIGH |
| libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c. | |||||
| CVE-2022-26770 | 1 Apple | 2 Mac Os X, Macos | 2022-06-08 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26698 | 1 Apple | 2 Mac Os X, Macos | 2022-06-08 | 5.8 MEDIUM | 7.1 HIGH |
| An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
| CVE-2022-26697 | 1 Apple | 2 Mac Os X, Macos | 2022-06-08 | 5.8 MEDIUM | 7.1 HIGH |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | |||||
| CVE-2022-22674 | 1 Apple | 2 Mac Os X, Macos | 2022-06-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory. | |||||
| CVE-2022-26718 | 1 Apple | 1 Macos | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. | |||||
| CVE-2017-2858 | 1 Natus | 1 Xltek Neuroworks | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the traversal of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2860 | 1 Natus | 1 Xltek Neuroworks | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the lookup entry functionality of KeyTrees in Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2852 | 1 Natus | 1 Xltek Neuroworks | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause an out-of-bounds read, resulting in a denial of service. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2895 | 1 Cesanta | 1 Mongoose | 2022-06-07 | 6.4 MEDIUM | 8.2 HIGH |
| An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability. | |||||