Search Results (9619 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-22842 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-10-16 3.3 Low
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-20102 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-10-16 3.3 Low
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-22452 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-10-16 3.3 Low
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read.
CVE-2025-5307 1 Santesoft 1 Dicom Viewer Pro 2025-10-15 7.8 High
Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue to potentially disclose information and to execute arbitrary code on affected installations of Sante DICOM Viewer Pro.
CVE-2024-24911 1 Checkpoint 4 Gaia Os, Management Server, Multi-domain Management and 1 more 2025-10-15 5.3 Medium
In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache.
CVE-2024-41086 1 Linux 1 Linux Kernel 2025-10-09 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: bcachefs: Fix sb_field_downgrade validation - bch2_sb_downgrade_validate() wasn't checking for a downgrade entry extending past the end of the superblock section - for_each_downgrade_entry() is used in to_text() and needs to work on malformed input; it also was missing a check for a field extending past the end of the section
CVE-2025-51306 1 Gatling 1 Gatling 2025-10-09 6.5 Medium
In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management.
CVE-2023-36428 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-10-08 5.5 Medium
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2025-61691 1 Keyence 1 Vt Studio 2025-10-07 7.8 High
VT STUDIO versions 8.53 and prior contain an out-of-bounds read vulnerability. If the product uses a specially crafted file, arbitrary code may be executed on the affected product.
CVE-2025-23248 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2025-10-06 3.3 Low
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2025-23255 1 Nvidia 1 Cuda Toolkit 2025-10-06 3.3 Low
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a user may cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2024-32635 1 Siemens 3 Jt2go, Parasolid, Teamcenter Visualization 2025-10-03 7.8 High
A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain an out of bounds read past the unmapped memory region while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
CVE-2024-32636 1 Siemens 3 Jt2go, Parasolid, Teamcenter Visualization 2025-10-03 7.8 High
A vulnerability has been identified in JT2Go (All versions < V2312.0005), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.10), Teamcenter Visualization V2312 (All versions < V2312.0005). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
CVE-2024-26275 1 Siemens 3 Jt2go, Parasolid, Teamcenter Visualization 2025-10-03 7.8 High
A vulnerability has been identified in JT2Go (All versions < V2312.0004), Parasolid V35.1 (All versions < V35.1.254), Parasolid V36.0 (All versions < V36.0.207), Parasolid V36.1 (All versions < V36.1.147), Teamcenter Visualization V14.2 (All versions < V14.2.0.12), Teamcenter Visualization V14.3 (All versions < V14.3.0.9), Teamcenter Visualization V2312 (All versions < V2312.0004). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.
CVE-2025-30176 1 Siemens 5 Simatic Pcs Neo, Sinec Nms, Sinema Remote Connect and 2 more 2025-10-03 7.5 High
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.
CVE-2025-30174 1 Siemens 4 Sinec Nms, Sinema Remote Connect, Totally Integrated Automation Portal and 1 more 2025-10-03 7.5 High
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions < V4.0), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound read buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition.
CVE-2025-11081 1 Gnu 1 Binutils 2025-10-03 3.3 Low
A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is suggested to install a patch to address this issue.
CVE-2024-53163 1 Linux 1 Linux Kernel 2025-10-01 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_420xx - fix off by one in uof_get_name() This is called from uof_get_name_420xx() where "num_objs" is the ARRAY_SIZE() of fw_objs[]. The > needs to be >= to prevent an out of bounds access.
CVE-2024-53162 1 Linux 1 Linux Kernel 2025-10-01 7.1 High
In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat_4xxx - fix off by one in uof_get_name() The fw_objs[] array has "num_objs" elements so the > needs to be >= to prevent an out of bounds read.
CVE-2024-53147 1 Linux 1 Linux Kernel 2025-10-01 7.1 High
In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if start_clu becomes an EOF cluster(an invalid cluster) due to file system corruption, then the directory entry where ei->hint_femp.eidx hint is outside the directory, resulting in an out-of-bounds access, which may cause further file system corruption. This commit adds a check for start_clu, if it is an invalid cluster, the file or directory will be treated as empty.