Vulnerabilities > Out-of-bounds Read

DATE CVE VULNERABILITY TITLE RISK
2024-11-12 CVE-2024-47940 Out-of-bounds Read vulnerability in Siemens Solid Edge Se2024
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9).
local
low complexity
siemens CWE-125
7.8
2024-11-12 CVE-2024-47941 Out-of-bounds Read vulnerability in Siemens Solid Edge Se2024
A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 9).
local
low complexity
siemens CWE-125
7.8
2024-11-10 CVE-2024-46955 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-125
5.5
2024-11-10 CVE-2024-46956 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0.
local
low complexity
artifex debian suse CWE-125
7.8
2024-11-09 CVE-2024-50227 Out-of-bounds Read vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() KASAN reported following issue: BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 [thunderbolt] Read of size 4 at addr ffff88810111fc1c by task kworker/u56:0/11 CPU: 0 UID: 0 PID: 11 Comm: kworker/u56:0 Tainted: G U 6.11.0+ #1387 Tainted: [U]=USER Workqueue: thunderbolt0 tb_handle_hotplug [thunderbolt] Call Trace: <TASK> dump_stack_lvl+0x6c/0x90 print_report+0xd1/0x630 kasan_report+0xdb/0x110 __asan_report_load4_noabort+0x14/0x20 tb_retimer_scan+0xffe/0x1550 [thunderbolt] tb_scan_port+0xa6f/0x2060 [thunderbolt] tb_handle_hotplug+0x17b1/0x3080 [thunderbolt] process_one_work+0x626/0x1100 worker_thread+0x6c8/0xfa0 kthread+0x2c8/0x3a0 ret_from_fork+0x3a/0x80 ret_from_fork_asm+0x1a/0x30 This happens because the loop variable still gets incremented by one so max becomes 3 instead of 2, and this makes the second loop read past the the array declared on the stack. Fix this by assigning to max directly in the loop body.
local
low complexity
linux CWE-125
7.1
2024-11-09 CVE-2024-50247 Out-of-bounds Read vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check if more than chunk-size bytes are written A incorrectly formatted chunk may decompress into more than LZNT_CHUNK_SIZE bytes and a index out of bounds will occur in s_max_off.
local
low complexity
linux CWE-125
7.1
2024-11-09 CVE-2024-50259 Out-of-bounds Read vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: netdevsim: Add trailing zero to terminate the string in nsim_nexthop_bucket_activity_write() This was found by a static analyzer. We should not forget the trailing zero after copy_from_user() if we will further do some string operations, sscanf() in this case.
local
low complexity
linux CWE-125
5.5
2024-11-08 CVE-2024-25431 Out-of-bounds Read vulnerability in Bytecodealliance Webassembly Micro Runtime
An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in commit 06df58f allows a remote attacker to escalate privileges via a crafted file to the check_was_abi_compatibility function.
local
low complexity
bytecodealliance CWE-125
7.8
2024-11-08 CVE-2024-50208 Out-of-bounds Read vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages Avoid memory corruption while setting up Level-2 PBL pages for the non MR resources when num_pages > 256K. There will be a single PDE page address (contiguous pages in the case of > PAGE_SIZE), but, current logic assumes multiple pages, leading to invalid memory access after 256K PBL entries in the PDE.
local
low complexity
linux CWE-125
5.5
2024-11-07 CVE-2024-50158 Out-of-bounds Read vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Fix out of bound check Driver exports pacing stats only on GenP5 and P7 adapters.
local
low complexity
linux CWE-125
7.8