Total
7339 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-7324 | 2 Cadsofttools, Irfanview | 2 Cadimage, Irfanview | 2025-07-25 | N/A | 7.8 HIGH |
| IrfanView CADImage Plugin DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26430. | |||||
| CVE-2025-7233 | 2 Cadsofttools, Irfanview | 2 Cadimage, Irfanview | 2025-07-25 | N/A | 5.5 MEDIUM |
| IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26072. | |||||
| CVE-2024-22004 | 1 Google | 6 Nest Wifi Point, Nest Wifi Point Firmware, Nest Wifi Pro and 3 more | 2025-07-24 | N/A | 10.0 CRITICAL |
| Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application | |||||
| CVE-2024-47039 | 1 Google | 1 Android | 2025-07-24 | N/A | 5.5 MEDIUM |
| In isSlotMarkedSuccessful of BootControl.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-25178 | 1 Luajit | 1 Luajit | 2025-07-24 | N/A | 9.1 CRITICAL |
| LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in lj_state.c. | |||||
| CVE-2024-32915 | 1 Google | 1 Android | 2025-07-24 | N/A | 4.3 MEDIUM |
| In CellInfoListParserV2::FillCellInfo() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | |||||
| CVE-2024-32914 | 1 Google | 1 Android | 2025-07-24 | N/A | 5.5 MEDIUM |
| In tpu_get_int_state of tpu.c, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-47015 | 1 Google | 1 Android | 2025-07-24 | N/A | 5.5 MEDIUM |
| In ProtocolMiscHwConfigChangeAdapter::GetData() of protocolmiscadapter.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation. | |||||
| CVE-2024-53834 | 1 Google | 1 Android | 2025-07-24 | N/A | 7.5 HIGH |
| In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-53839 | 1 Google | 1 Android | 2025-07-24 | N/A | 5.5 MEDIUM |
| In GetCellInfoList() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation. | |||||
| CVE-2024-11403 | 1 Libjxl Project | 1 Libjxl | 2025-07-24 | N/A | 9.8 CRITICAL |
| There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame on untrusted input) does not properly check bounds in the presence of incomplete codes. This could lead to an out-of-bounds write. In jpegli which is released as part of the same project, the same vulnerability is present. However, the relevant buffer is part of a bigger structure, and the code makes no assumptions on the values that could be overwritten. The issue could however cause jpegli to read uninitialised memory, or addresses of functions. | |||||
| CVE-2024-32920 | 1 Google | 1 Android | 2025-07-22 | N/A | 7.1 HIGH |
| In set_secure_reg of sac_handler.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure of 4 bytes of stack memory with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-36504 | 1 Fortinet | 1 Fortios | 2025-07-22 | N/A | 6.5 MEDIUM |
| An out-of-bounds read vulnerability [CWE-125] in FortiOS SSLVPN web portal versions 7.4.0 through 7.4.4, versions 7.2.0 through 7.2.8, 7.0 all verisons, and 6.4 all versions may allow an authenticated attacker to perform a denial of service on the SSLVPN web portal via a specially crafted URL. | |||||
| CVE-2019-11835 | 2 Davegamble, Oracle | 2 Cjson, Timesten In-memory Database | 2025-07-22 | 7.5 HIGH | 9.8 CRITICAL |
| cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments. | |||||
| CVE-2019-11834 | 2 Davegamble, Oracle | 2 Cjson, Timesten In-memory Database | 2025-07-22 | 7.5 HIGH | 9.8 CRITICAL |
| cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal. | |||||
| CVE-2016-10749 | 1 Davegamble | 1 Cjson | 2025-07-22 | 7.5 HIGH | 9.8 CRITICAL |
| parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character. | |||||
| CVE-2025-53367 | 2025-07-18 | N/A | N/A | ||
| DjVuLibre is a GPL implementation of DjVu, a web-centric format for distributing documents and images. Prior to version 3.5.29, the MMRDecoder::scanruns method is affected by an OOB-write vulnerability, because it does not check that the xr pointer stays within the bounds of the allocated buffer. This can lead to writes beyond the allocated memory, resulting in a heap corruption condition. An out-of-bounds read with pr is also possible for the same reason. This issue has been patched in version 3.5.29. | |||||
| CVE-2025-2751 | 1 Assimp | 1 Assimp | 2025-07-17 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability has been found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This vulnerability affects the function Assimp::CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp of the component CSM File Handler. The manipulation of the argument na leads to out-of-bounds read. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2752 | 1 Assimp | 1 Assimp | 2025-07-17 | 5.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function fast_atoreal_move in the library include/assimp/fast_atof.h of the component CSM File Handler. The manipulation leads to out-of-bounds read. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-2753 | 1 Assimp | 1 Assimp | 2025-07-17 | 7.5 HIGH | 6.3 MEDIUM |
| A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as critical. Affected is the function SceneCombiner::MergeScenes of the file code/AssetLib/LWS/LWSLoader.cpp of the component LWS File Handler. The manipulation leads to out-of-bounds read. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||