Total
7339 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-2755 | 1 Assimp | 1 Assimp | 2025-07-17 | 7.5 HIGH | 6.3 MEDIUM |
| A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as critical. Affected by this issue is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument src.entries leads to out-of-bounds read. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-54070 | 2025-07-17 | N/A | N/A | ||
| OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 5.2.0 and prior to version 5.4.0, the `lastIndexOf(bytes,byte,uint256)` function of the `Bytes.sol` library may access uninitialized memory when the following two conditions hold: 1) the provided buffer length is empty (i.e. `buffer.length == 0`) and position is not `2**256 - 1` (i.e. `pos != type(uint256).max`). The `pos` argument could be used to access arbitrary data outside of the buffer bounds. This could lead to the operation running out of gas, or returning an invalid index (outside of the empty buffer). Processing this invalid result for accessing the `buffer` would cause a revert under normal conditions. When triggered, the function reads memory at offset `buffer + 0x20 + pos`. If memory at that location (outside the `buffer`) matches the search pattern, the function would return an out of bound index instead of the expected `type(uint256).max`. This creates unexpected behavior where callers receive a valid-looking index pointing outside buffer bounds. Subsequent memory accesses that don't check bounds and use the returned index must carefully review the potential impact depending on their setup. Code relying on this function returning `type(uint256).max` for empty buffers or using the returned index without bounds checking could exhibit undefined behavior. Users should upgrade to version 5.4.0 to receive a patch. | |||||
| CVE-2025-48188 | 1 Gnu | 1 Pspp | 2025-07-17 | N/A | 2.9 LOW |
| libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fill_buffer (in data/encrypted-file.c) to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read. | |||||
| CVE-2025-49601 | 1 Arm | 1 Mbed Tls | 2025-07-17 | N/A | 4.8 MEDIUM |
| In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key allows context-dependent attackers to trigger a crash or limited adjacent-memory disclosure by supplying a truncated LMS (Leighton-Micali Signature) public-key buffer under four bytes. An LMS public key starts with a 4-byte type indicator. The function mbedtls_lms_import_public_key reads this type indicator before validating the size of its input. | |||||
| CVE-2025-20915 | 1 Samsung | 1 Notes | 2025-07-17 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||
| CVE-2025-20914 | 1 Samsung | 1 Notes | 2025-07-17 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary of hand writing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||
| CVE-2025-20913 | 1 Samsung | 1 Notes | 2025-07-17 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||
| CVE-2025-20901 | 1 Samsung | 1 Blockchain Keystore | 2025-07-17 | N/A | 4.4 MEDIUM |
| Out-of-bounds read in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to read out-of-bounds memory. | |||||
| CVE-2025-20976 | 1 Samsung | 1 Notes | 2025-07-17 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory. | |||||
| CVE-2024-42646 | 1 Emqx | 1 Nanomq | 2025-07-16 | N/A | 7.5 HIGH |
| A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages. | |||||
| CVE-2025-20930 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. | |||||
| CVE-2025-20932 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory. | |||||
| CVE-2025-20933 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory. | |||||
| CVE-2025-20916 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||
| CVE-2025-20917 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||
| CVE-2025-20918 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||
| CVE-2025-20919 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||
| CVE-2025-20920 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||
| CVE-2025-20921 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||
| CVE-2025-20922 | 1 Samsung | 1 Notes | 2025-07-16 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory. | |||||