CVSS: 5.9EPSS: 0%CPEs: 198EXPL: 0CVE-2021-46792
https://notcve.org/view.php?id=CVE-2021-46792
09 May 2023 — Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service. Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of... • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 156EXPL: 0CVE-2021-46765
https://notcve.org/view.php?id=CVE-2021-46765
09 May 2023 — Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service. Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-125: Out-of-bounds Read •
CVSS: 8.5EPSS: 0%CPEs: 108EXPL: 0CVE-2021-26365
https://notcve.org/view.php?id=CVE-2021-26365
09 May 2023 — Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents. Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about <... • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-3674
https://notcve.org/view.php?id=CVE-2021-3674
24 Mar 2023 — Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execution through the binary object's callback function. • https://gist.github.com/netspooky/61101e191afee95feda7dbd2f6b061c4 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25563 – GSS-NTLMSSP vulnerable to multiple out-of-bounds reads when decoding NTLM fields
https://notcve.org/view.php?id=CVE-2023-25563
14 Feb 2023 — Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. ... This can lead to a large, up to 65KB, out-of-bounds read which could cause a denial-of-service if it reads from unmapped memory. Version 1.2.0 contains a patch for the out-of-bounds reads. ... Multiple out-of-bounds reads occur when decoding NTLM fields and can trigger ... • https://github.com/gssapi/gss-ntlmssp/commit/97c62c6167299028d80765080e74d91dfc99efbd • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2023-20530
https://notcve.org/view.php?id=CVE-2023-20530
10 Jan 2023 — Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-46768
https://notcve.org/view.php?id=CVE-2021-46768
10 Jan 2023 — Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentially leading to a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 26%CPEs: 8EXPL: 0CVE-2022-46344 – X.Org Server ProcXIChangeProperty Numeric Truncation Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-46344
14 Dec 2022 — This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issues, resulting in out-of-bounds memory reads and potential information disclosure. ... The issue occurs because the handler for the XIChangeProperty request has a length-validation issue, resulting in out-of-bounds memory reads and potential information disclosure. ... This vulnerability allows local attackers to disclose sensitive information on a... • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2022-20483
https://notcve.org/view.php?id=CVE-2022-20483
13 Dec 2022 — In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. • https://source.android.com/security/bulletin/2022-12-01 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39392 – Wasmtime vulnerable to out of bounds read/write with zero-memory-pages configuration
https://notcve.org/view.php?id=CVE-2022-39392
10 Nov 2022 — Prior to version 2.0.2, there is a bug in Wasmtime's implementation of its pooling instance allocator when the allocator is configured to give WebAssembly instances a maximum of zero pages of memory. ... Wasmtime's default settings require virtual memory page faults to indicate that wasm reads/writes are out-of-bounds, but the pooling allocator's configuration would not create an appropriate virtual memory mapping for this meaning out of boun... • https://github.com/bytecodealliance/wasmtime/commit/e60c3742904ccbb3e26da201c9221c38a4981d72 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •