Search Results (9737 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-20753 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-11-21 7.8 High
Photoshop Desktop versions 24.7.3, 25.7 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-20742 1 Adobe 1 Substance 3d Painter 2024-11-21 7.8 High
Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-20736 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 5.5 Medium
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-20725 1 Adobe 1 Substance 3d Painter 2024-11-21 5.5 Medium
Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-20724 1 Adobe 1 Substance 3d Painter 2024-11-21 5.5 Medium
Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-20722 1 Adobe 1 Substance 3d Painter 2024-11-21 5.5 Medium
Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-1847 2024-11-21 7.8 High
Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in eDrawings from Release SOLIDWORKS 2023 through Release SOLIDWORKS 2024. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted CATPART, IPT, JT, SAT, STL, STP, X_B or X_T file. NOTE: CVE-2024-3298 and CVE-2024-3299 were SPLIT from this ID.
CVE-2023-7242 1 Cisa 1 Icsnpp-ethercat 2024-11-21 8.2 High
Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Zeek Plugin versions d78dda6 and prior are vulnerable to out-of-bounds read during the process of analyzing a specific Ethercat packet. This could allow an attacker to crash the Zeek process and leak some information in memory.
CVE-2023-6355 1 Gallagher 2 Controller 7000, Controller 7000 Firmware 2024-11-21 6.8 Medium
Incorrect selection of fuse values in the Controller 7000 platform allows an attacker to bypass some protection mechanisms to enable local debug. This issue affects: Gallagher Controller 7000 9.00 prior to vCR9.00.231204b (distributed in 9.00.1507 (MR1)), 8.90 prior to vCR8.90.231204a (distributed in 8.90.1620 (MR2)), 8.80 prior to vCR8.80.231204a (distributed in 8.80.1369 (MR3)), 8.70 prior to vCR8.70.231204a (distributed in 8.70.2375 (MR5)).
CVE-2023-6315 1 Panasonic 1 Fpwin Pro 2024-11-21 7.8 High
Out-of-bouds read vulnerability in FPWin Pro version 7.7.0.0 and all previous versions may allow attackers to execute arbitrary code via a specially crafted project file.
CVE-2023-5998 1 Gpac 1 Gpac 2024-11-21 7.5 High
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.
CVE-2023-5377 1 Gpac 1 Gpac 2024-11-21 7.1 High
Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV.
CVE-2023-5179 1 Opendesign 1 Drawings Sdk 2024-11-21 7.8 High
An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.
CVE-2023-52267 1 Hongliuliao 1 Ehttp 2024-11-21 7.5 High
ehttp 1.0.6 before 17405b9 has a simple_log.cpp _log out-of-bounds-read during error logging for long strings.
CVE-2023-52152 1 Cybergarage 1 Mupnp For C 2024-11-21 7.5 High
mupnp/net/uri.c in mUPnP for C through 3.0.2 has an out-of-bounds read and application crash because it lacks a certain host length recalculation.
CVE-2023-51432 1 Hihonor 1 Magic Ui 2024-11-21 3.2 Low
Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak.
CVE-2023-4778 1 Gpac 1 Gpac 2024-11-21 5.5 Medium
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
CVE-2023-4758 1 Gpac 1 Gpac 2024-11-21 5.5 Medium
Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.
CVE-2023-4721 1 Gpac 1 Gpac 2024-11-21 5.5 Medium
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.
CVE-2023-4272 1 Arm 4 Bifrost Gpu Kernel Driver, Mali Gpu Kernel Driver, Midgard Gpu Kernel Driver and 1 more 2024-11-21 5.5 Medium
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.