Total
8148 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53859 | 2 F5, Nginx | 3 Nginx Open Source, Nginx Plus, Nginx | 2025-08-16 | 3.7 Low |
| NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happens during the NGINX SMTP authentication process and requires the attacker to make preparations against the target system to extract the leaked data. The issue affects NGINX only if (1) it is built with the ngx_mail_smtp_module, (2) the smtp_auth directive is configured with method "none," and (3) the authentication server returns the "Auth-Wait" response header. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2025-5046 | 1 Autodesk | 10 Advance Steel, Autocad, Autocad Architecture and 7 more | 2025-08-16 | 7.8 High |
| A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-49541 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-08-15 | 5.5 Medium |
| Illustrator versions 29.0.0, 28.7.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-21459 | 1 Qualcomm | 352 Ar8035, Ar8035 Firmware, Ar9380 and 349 more | 2025-08-15 | 6.5 Medium |
| Information disclosure while handling beacon or probe response frame in STA. | ||||
| CVE-2025-50163 | 1 Microsoft | 10 Windows Server, Windows Server 2008, Windows Server 2008 R2 and 7 more | 2025-08-15 | 8.8 High |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | ||||
| CVE-2021-30194 | 2 Codesys, Wago | 55 V2 Web Server, 750-8202, 750-8202 Firmware and 52 more | 2025-08-15 | 9.1 Critical |
| CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds Read. | ||||
| CVE-2021-30195 | 2 Codesys, Wago | 56 Plcwinnt, Runtime Toolkit, 750-8202 and 53 more | 2025-08-15 | 7.5 High |
| CODESYS V2 runtime system before 2.4.7.55 has Improper Input Validation. | ||||
| CVE-2025-5918 | 2 Libarchive, Redhat | 4 Libarchive, Enterprise Linux, Openshift and 1 more | 2025-08-15 | 3.9 Low |
| A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition. | ||||
| CVE-2023-43692 | 1 Malwarebytes | 1 Malwarebytes | 2025-08-15 | 7.5 High |
| An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). Out-of-bound reads in strings detection utilities lead to system crashes. | ||||
| CVE-2023-43683 | 1 Malwarebytes | 1 Malwarebytes | 2025-08-15 | 6.5 Medium |
| An issue was discovered in Malwarebytes 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). A Stack buffer out-of-bounds access exists because of an integer underflow when handling newline characters. | ||||
| CVE-2025-21018 | 1 Samsung | 1 Blockchain Keystore | 2025-08-15 | 4.4 Medium |
| Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 allows local privileged attackers to read out-of-bounds memory. | ||||
| CVE-2023-43694 | 1 Malwarebytes | 1 Malwarebytes | 2025-08-15 | 5.2 Medium |
| An issue was discovered in Malwarebytes 4.6.14.326 and before and 5.1.5.116 and before (and Nebula 2020-10-21 and later). An Out of bounds read in several disassembling utilities causes stability issues and denial of service. | ||||
| CVE-2025-6632 | 1 Autodesk | 1 3ds Max | 2025-08-15 | 5.3 Medium |
| A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-5941 | 1 Netskope | 1 Netskope | 2025-08-15 | N/A |
| Netskope is notified about a potential gap in its agent (NS Client) in which a malicious actor could trigger a memory leak by sending a crafted DNS packet to a machine. A successful exploitation may require administrative privileges on the machine, based on the exact configuration. A successful exploit can potentially result in user-controllable memory being leaked in a domain name stored on the local machine. | ||||
| CVE-2025-5777 | 2 Citrix, Netscaler | 4 Netscaler Application Delivery Controller, Netscaler Gateway, Adc and 1 more | 2025-08-14 | 7.5 High |
| Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server | ||||
| CVE-2025-54205 | 1 Adobe | 1 Substance 3d Sampler | 2025-08-14 | 5.5 Medium |
| Substance3D - Sampler versions 5.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-54238 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2025-08-14 | 5.5 Medium |
| Dimension versions 4.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-54233 | 2 Adobe, Microsoft | 2 Framemaker, Windows | 2025-08-14 | 5.5 Medium |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-54188 | 1 Adobe | 1 Substance 3d Painter | 2025-08-13 | 5.5 Medium |
| Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-22392 | 1 Intel | 2 Amt, Standard Manageability | 2025-08-13 | 4.4 Medium |
| Out-of-bounds read in firmware for some Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via network access. | ||||