CVSS: 7.8EPSS: 0%CPEs: 104EXPL: 0CVE-2021-26384
https://notcve.org/view.php?id=CVE-2021-26384
14 Jul 2022 — A malformed SMI (System Management Interface) command may allow an attacker to establish a corrupted SMI Trigger Info data structure, potentially leading to out-of-bounds memory reads and writes when triggering an SMI resulting in a potential loss of resources. • https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1027 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26505 – Gentoo Linux Security Advisory 202311-12
https://notcve.org/view.php?id=CVE-2022-26505
06 Mar 2022 — A remote attacker could possibly use this issue to cause buffer overflows, resulting in out-of-bounds reads and writes. • http://www.openwall.com/lists/oss-security/2022/03/06/1 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-23613 – Privilege escalation on xrdp
https://notcve.org/view.php?id=CVE-2022-23613
07 Feb 2022 — No hay medidas de mitigación adicionales conocidas It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. • https://github.com/neutrinolabs/xrdp/commit/4def30ab8ea445cdc06832a44c3ec40a506a0ffa • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.0EPSS: 0%CPEs: 7EXPL: 3CVE-2021-4202 – Ubuntu Security Notice USN-5265-1
https://notcve.org/view.php?id=CVE-2021-4202
03 Feb 2022 — Se encontró un fallo de uso de memoria previamente liberada en la función nci_request en el archivo net/nfc/nci/core.c en NFC Controller Interface (NCI) en el kernel de Linux. este fallo podría permitir a un atacante local con privilegios de usuario causar un problema de carrera de datos mientras es retirado el dispositivo, conllevando a un problema de escalada de privilegios Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control req... • http://www.openwall.com/lists/oss-security/2022/06/01/2 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2021-4093 – kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io
https://notcve.org/view.php?id=CVE-2021-4093
03 Feb 2022 — A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario. ... Este problema resulta en un bloqueo de todo el sistema o en un potencial escenario de escape del huésped al host Jeremy Cline discovered a use-after-free in the nouveau gra... • https://bugs.chromium.org/p/project-zero/issues/detail?id=2222 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-39685 – Ubuntu Security Notice USN-5337-1
https://notcve.org/view.php?id=CVE-2021-39685
28 Jan 2022 — In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. ... Producto: Android, Versiones: Android kernel, ID de Android: A-210292376, Referencias: kernel Ascendente Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for ce... • https://github.com/szymonh/inspector-gadget • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2021-22600 – Linux Kernel Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-22600
26 Jan 2022 — A local attacker could use this to cause a denial of service or possibly execute arbitrary code. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 • CWE-415: Double Free •
CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 0CVE-2021-39218 – Out-of-bounds read/write and invalid free with `externref`s and GC safepoints in Wasmtime
https://notcve.org/view.php?id=CVE-2021-39218
17 Sep 2021 — There was an invalid free and out-of-bounds read and write bug when running Wasm that uses `externref`s in Wasmtime. ... Under this scenario, Wasmtime would incorrectly use the GC stack map for the safepoint from earlier in the function instead of the empty safepoint. ... This results in a free of memory that is not necessarily on the heap (and shouldn't be freed at this moment even if it was), as well as potential out-of-bounds reads and writes... • https://crates.io/crates/wasmtime • CWE-125: Out-of-bounds Read CWE-590: Free of Memory not on the Heap CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-39258 – ntfs-3g: Out-of-bounds reads in ntfs_attr_find() and ntfs_external_attr_find()
https://notcve.org/view.php?id=CVE-2021-39258
07 Sep 2021 — A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22. ... When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. ... Issues addressed include buffer overflow, integer overflow, null pointer, out of bounds access, out of bounds read, and use-after-free vulnerabilities. • https://github.com/tuxera/ntfs-3g/releases • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.2EPSS: 0%CPEs: 8EXPL: 0CVE-2021-38517
https://notcve.org/view.php?id=CVE-2021-38517
11 Aug 2021 — Certain NETGEAR devices are affected by out-of-bounds reads and writes. • https://kb.netgear.com/000063772/Security-Advisory-for-Out-of-Bounds-Read-and-Write-on-Some-Routers-PSV-2019-0187 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •