CVSS: 5.5EPSS: 0%CPEs: 45EXPL: 0CVE-2023-32825
https://notcve.org/view.php?id=CVE-2023-32825
06 Nov 2023 — In bluethooth service, there is a possible out of bounds reads due to improper input validation. • https://corp.mediatek.com/product-security-bulletin/November-2023 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-42822 – Unchecked access to font glyph info in xrdp
https://notcve.org/view.php?id=CVE-2023-42822
27 Sep 2023 — Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-bounds read within a potentially privileged process. ... Potentially an out-of-bounds write can follow the out-of-bounds read. ... It was discovered that xrdp incorrectly handled validation... • https://github.com/neutrinolabs/xrdp/commit/73acbe1f7957c65122b00de4d6f57a8d0d257c40 • CWE-125: Out-of-bounds Read •
CVSS: 3.7EPSS: 12%CPEs: 1EXPL: 0CVE-2023-42114 – Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-42114
27 Sep 2023 — Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. ... Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. ... Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. ... A remote a... • https://www.zerodayinitiative.com/advisories/ZDI-23-1468 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 68%CPEs: 1EXPL: 2CVE-2023-42115 – Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-42115
27 Sep 2023 — Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. ... Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. ... Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. ... A remote attacker could possibly use this issue to perform <... • https://github.com/kirinse/cve-2023-42115 • CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 6%CPEs: 1EXPL: 0CVE-2023-42116 – Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-42116
27 Sep 2023 — The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. ... • https://www.zerodayinitiative.com/advisories/ZDI-23-1470 • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2023-36803 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-36803
12 Sep 2023 — Windows Kernel Information Disclosure Vulnerability Vulnerabilidad de Divulgación de Información del Kernel de Windows The Microsoft Windows Kernel suffers from out-of-bounds reads and paged pool memory disclosure in VrpUpdateKeyInformation. • http://packetstormsecurity.com/files/175109/Microsoft-Windows-Kernel-Out-Of-Bounds-Reads-Memory-Disclosure.html • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40184 – Improper handling of session establishment errors in xrdp
https://notcve.org/view.php?id=CVE-2023-40184
30 Aug 2023 — In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. ... It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. • https://github.com/neutrinolabs/xrdp/blame/9bbb2ec68f390504c32f2062847aa3d821a0089a/sesman/sesexec/session.c#L571C5-L571C19 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 2%CPEs: 11EXPL: 1CVE-2023-35386 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35386
08 Aug 2023 — Windows Kernel Elevation of Privilege Vulnerability The Microsoft Windows Kernel suffers from out-of-bounds reads due to an integer overflow in registry .LOG file parsing. • http://packetstormsecurity.com/files/174567/Microsoft-Windows-Kernel-Integer-Overflow-Out-Of-Bounds-Read.html • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25600
https://notcve.org/view.php?id=CVE-2023-25600
03 Aug 2023 — A malicious operating system can tamper with a runtime-writable EFI variable, leading to out-of-bounds memory reads and a denial of service. • https://www.insyde.com/security-pledge • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-3463 – GE Digital CIMPLICITY Heap-based Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-3463
19 Jul 2023 — All versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer overflows, uninitialized pointers, and a heap-based buffer overflow. • https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-06 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •