Filtered by CWE-125
Total 8026 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-8241 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2025-05-05 4.3 Medium
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2024-34244 1 Libmodbus 1 Libmodbus 2025-05-05 7.5 High
libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors.
CVE-2024-38101 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-05-05 6.5 Medium
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVE-2024-38073 1 Microsoft 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more 2025-05-05 7.5 High
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38057 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-05 7.8 High
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38048 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-05 6.5 Medium
Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability
CVE-2024-38028 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-05-05 7.2 High
Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability
CVE-2024-38102 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-05-05 6.5 Medium
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
CVE-2024-38062 1 Microsoft 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more 2025-05-05 7.8 High
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-38056 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-05-05 5.5 Medium
Microsoft Windows Codecs Library Information Disclosure Vulnerability
CVE-2023-38427 2 Linux, Netapp 5 Linux Kernel, H300s, H410s and 2 more 2025-05-05 9.8 Critical
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts.
CVE-2023-37453 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-05-05 4.6 Medium
An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.
CVE-2023-2176 2 Linux, Redhat 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more 2025-05-05 7.8 High
A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege.
CVE-2023-28866 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-05-05 5.3 Medium
In the Linux kernel through 6.2.8, net/bluetooth/hci_sync.c allows out-of-bounds access because amp_init1[] and amp_init2[] are supposed to have an intentionally invalid element, but do not.
CVE-2023-26607 2 Linux, Netapp 2 Linux Kernel, Hci Baseboard Management Controller 2025-05-05 7.1 High
In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
CVE-2023-0698 1 Google 1 Chrome 2025-05-05 8.8 High
Out of bounds read in WebRTC in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVE-2022-43995 1 Sudo Project 1 Sudo 2025-05-05 7.1 High
Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer. The impact could vary depending on the system libraries, compiler, and processor architecture.
CVE-2021-20193 1 Gnu 1 Tar 2025-05-05 3.3 Low
A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability.
CVE-2020-22628 1 Libraw 1 Libraw 2025-05-05 6.5 Medium
Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp.
CVE-2025-21650 1 Linux 1 Linux Kernel 2025-05-04 7.8 High
In the Linux kernel, the following vulnerability has been resolved: net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue The TQP BAR space is divided into two segments. TQPs 0-1023 and TQPs 1024-1279 are in different BAR space addresses. However, hclge_fetch_pf_reg does not distinguish the tqp space information when reading the tqp space information. When the number of TQPs is greater than 1024, access bar space overwriting occurs. The problem of different segments has been considered during the initialization of tqp.io_base. Therefore, tqp.io_base is directly used when the queue is read in hclge_fetch_pf_reg. The error message: Unable to handle kernel paging request at virtual address ffff800037200000 pc : hclge_fetch_pf_reg+0x138/0x250 [hclge] lr : hclge_get_regs+0x84/0x1d0 [hclge] Call trace: hclge_fetch_pf_reg+0x138/0x250 [hclge] hclge_get_regs+0x84/0x1d0 [hclge] hns3_get_regs+0x2c/0x50 [hns3] ethtool_get_regs+0xf4/0x270 dev_ethtool+0x674/0x8a0 dev_ioctl+0x270/0x36c sock_do_ioctl+0x110/0x2a0 sock_ioctl+0x2ac/0x530 __arm64_sys_ioctl+0xa8/0x100 invoke_syscall+0x4c/0x124 el0_svc_common.constprop.0+0x140/0x15c do_el0_svc+0x30/0xd0 el0_svc+0x1c/0x2c el0_sync_handler+0xb0/0xb4 el0_sync+0x168/0x180