CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2022-37991 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2022-37991
11 Oct 2022 — Windows Kernel Elevation of Privilege Vulnerability Una Vulnerabilidad de Elevación de Privilegios en Windows Kernel. Este ID de CVE es diferente de CVE-2022-37988, CVE-2022-37990, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039 The Windows kernel suffers from out-of-bounds reads and other issues when operating on long registry key and value names. • http://packetstormsecurity.com/files/169807/Windows-Kernel-Long-Registry-Key-Value-Out-Of-Bounds-Read.html •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2022-2964 – kernel: memory corruption in AX88179_178A based USB ethernet device.
https://notcve.org/view.php?id=CVE-2022-2964
09 Sep 2022 — The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. • https://bugzilla.redhat.com/show_bug.cgi?id=2067482 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 104EXPL: 0CVE-2021-26384
https://notcve.org/view.php?id=CVE-2021-26384
14 Jul 2022 — A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2021-4093 – kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io
https://notcve.org/view.php?id=CVE-2021-4093
03 Feb 2022 — A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. • https://bugs.chromium.org/p/project-zero/issues/detail?id=2222 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-39218 – Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
https://notcve.org/view.php?id=CVE-2021-39218
17 Sep 2021 — There was an invalid free and out-of-bounds read and write bug when running Wasm that uses `externref`s in Wasmtime. ... Under this scenario, Wasmtime would incorrectly use the GC stack map for the safepoint from earlier in the function instead of the empty safepoint. ... This results in a free of memory that is not necessarily on the heap (and shouldn't be freed at this moment even if it was), as well as potential out-of-bounds reads and writes... • https://crates.io/crates/wasmtime • CWE-125: Out-of-bounds Read CWE-590: Free of Memory not on the Heap CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-39258 – ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find()
https://notcve.org/view.php?id=CVE-2021-39258
07 Sep 2021 — A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. ... When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. • https://github.com/tuxera/ntfs-3g/releases • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2021-38517
https://notcve.org/view.php?id=CVE-2021-38517
11 Aug 2021 — Certain NETGEAR devices are affected by out-of-bounds reads and writes. • https://kb.netgear.com/000063772/Security-Advisory-for-Out-of-Bounds-Read-and-Write-on-Some-Routers-PSV-2019-0187 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2021-3600 – kernel: eBPF 32-bit source register truncation on div/mod
https://notcve.org/view.php?id=CVE-2021-3600
23 Jun 2021 — It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. ... A flaw was found in the Linux kernel’s eBPF verification code, where the eBPF 32-bit div/mod source register truncation could lead to out-of-bounds reads and writes. • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2021-33200 – kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier
https://notcve.org/view.php?id=CVE-2021-33200
27 May 2021 — This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. ... An incorrect limit is enforced for pointer arithmetic operations which can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3d0220f6861d713213b015b582e9f21e5b28d2e0 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-29583 – Heap buffer overflow and undefined behavior in `FusedBatchNorm`
https://notcve.org/view.php?id=CVE-2021-29583
14 May 2021 — The implementation of `tf.raw_ops.FusedBatchNorm` is vulnerable to a heap buffer overflow. ... The implementation(https://github.com/tensorflow/tensorflow/blob/57d86e0db5d1365f19adcce848dfc1bf89fdd4c7/tensorflow/core/kernels/fused_batch_norm_op.cc) fails to validate that `scale`, `offset`, `mean` and `variance` (the last two only when required) all have the same number of elements as the number of channels of `x`. This results in heap out of bounds readsOut-of-bounds Read CWE-476: NULL Pointer Dereference •