
CVE-2023-33476 – Debian Security Advisory 5434-1
https://notcve.org/view.php?id=CVE-2023-33476
02 Jun 2023 — This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write. ... A remote attacker could possibly use this issue to cause buffer overflows, resulting in out-of-bounds reads and writes. • https://github.com/mellow-hype/cve-2023-33476 • CWE-787: Out-of-bounds Write •

CVE-2023-2618 – OpenCV wechat_qrcode Module decoded_bit_stream_parser.cpp decodeHanziSegment memory leak
https://notcve.org/view.php?id=CVE-2023-2618
10 May 2023 — The name of the patch is 2b62ff6181163eea029ed1cab11363b4996e9cd6. ... The identifier of this vulnerability is VDB-228548. ... It was discovered that OpenCV did not properly manage certain XML data, leading to a NULL pointer dereference. ... It was discovered that OpenCV may perform out-of-bounds reads in certain situations. An attacker could possibly use this issue to cause OpenCV to crash, resulting in a denial of service, or the execution of ... • https://github.com/opencv/opencv_contrib/pull/3484 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2021-46792
https://notcve.org/view.php?id=CVE-2021-46792
09 May 2023 — Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVE-2021-46765
https://notcve.org/view.php?id=CVE-2021-46765
09 May 2023 — Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-125: Out-of-bounds Read •

CVE-2021-26365
https://notcve.org/view.php?id=CVE-2021-26365
09 May 2023 — Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-bounds memory contents. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4001 • CWE-125: Out-of-bounds Read •

CVE-2021-3674
https://notcve.org/view.php?id=CVE-2021-3674
24 Mar 2023 — Crafted values in the headers can cause out of bounds reads, which can lead to memory corruption and possibly code execution through the binary object's callback function. • https://gist.github.com/netspooky/61101e191afee95feda7dbd2f6b061c4 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-125: Out-of-bounds Read •

CVE-2023-25563 – GSS-NTLMSSP vulnerable to multiple out-of-bounds reads when decoding NTLM fields
https://notcve.org/view.php?id=CVE-2023-25563
14 Feb 2023 — Prior to version 1.2.0, multiple out-of-bounds reads when decoding NTLM fields can trigger a denial of service. ... This can lead to a large, up to 65KB, out-of-bounds read which could cause a denial-of-service if it reads from unmapped memory. Version 1.2.0 contains a patch for the out-of-bounds reads. ... Multiple out-of-bounds reads occur when decoding NTLM fields and can trigger ... • https://github.com/gssapi/gss-ntlmssp/commit/97c62c6167299028d80765080e74d91dfc99efbd • CWE-125: Out-of-bounds Read •

CVE-2023-20530
https://notcve.org/view.php?id=CVE-2023-20530
10 Jan 2023 — Insufficient input validation of BIOS mailbox messages in SMU may result in out-of-bounds memory reads potentially resulting in a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 • CWE-20: Improper Input Validation •

CVE-2021-46768
https://notcve.org/view.php?id=CVE-2021-46768
10 Jan 2023 — Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentially leading to a denial of service. • https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-1032 • CWE-125: Out-of-bounds Read •

CVE-2022-46344 – X.Org Server ProcXIChangeProperty Numeric Truncation Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-46344
14 Dec 2022 — This security flaw occurs because the handler for the XIChangeProperty request has a length-validation issue, resulting in out-of-bounds memory reads and potential information disclosure. ... The issue occurs because the handler for the XIChangeProperty request has a length-validation issue, resulting in out-of-bounds memory reads and potential information disclosure. ... The issue results from the lack of proper validation of user-suppl... • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-125: Out-of-bounds Read •