Medium
CVSS: 5.6
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_mscon…
Medium
CVSS: 5.6
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 bui…
Medium
CVSS: 5.6
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.…
High
CVSS: 7.1
In the Linux kernel, the following vulnerability has been resolved:
media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()
It's possible for cp_read() and hdmi_read() to return -EIO. Those
values are furthe…
High
CVSS: 7.1
In the Linux kernel, the following vulnerability has been resolved:
RDMA/irdma: avoid invalid read in irdma_net_event
irdma_net_event() should not dereference anything from "neigh" (alias
"ptr") until it has checked that the event is NETE…
High
CVSS: 7.1
In the Linux kernel, the following vulnerability has been resolved:
libceph: make decode_pool() more resilient against corrupted osdmaps
If the osdmap is (maliciously) corrupted such that the encoded length
of ceph_pg_pool envelope is les…
High
CVSS: 7.1
In the Linux kernel, the following vulnerability has been resolved:
net: hns3: add VLAN id validation before using
Currently, the VLAN id may be used without validation when
receive a VLAN configuration mailbox from VF. The length of
vlan…
Medium
CVSS: 5.5
Substance3D - Modeler versions 1.22.4 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Expl…
Medium
CVSS: 5.5
Substance3D - Modeler versions 1.22.4 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Expl…
Medium
CVSS: 5.5
Substance3D - Designer versions 15.0.3 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exp…
Medium
CVSS: 5.3
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intend…
Medium
CVSS: 5.3
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intend…
Medium
CVSS: 5.5
InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Explo…
High
CVSS: 7.8
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
High
CVSS: 8.4
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.
Medium
CVSS: 4.3
Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.
Medium
CVSS: 6.2
Out-of-bounds read in Capability Access Management Service (camsvc) allows an unauthorized attacker to disclose information locally.
Medium
CVSS: 5.5
Out-of-bounds read in Capability Access Management Service (camsvc) allows an authorized attacker to disclose information locally.
Medium
CVSS: 5.5
Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally.
Medium
CVSS: 4.6
Out-of-bounds read in Windows Internet Connection Sharing (ICS) allows an unauthorized attacker to disclose information with a physical attack.