CVSS: 7.8EPSS: %CPEs: 2EXPL: 0CVE-2025-32906 – Libsoup: out of bounds reads in soup_headers_parse_request()
https://notcve.org/view.php?id=CVE-2025-32906
14 Apr 2025 — A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. • https://access.redhat.com/security/cve/CVE-2025-32906 • CWE-125: Out-of-bounds Read •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32365
https://notcve.org/view.php?id=CVE-2025-32365
05 Apr 2025 — Poppler before 25.04.0 allows crafted input files to trigger out-of-bounds reads in the JBIG2Bitmap::combine function in JBIG2Stream.cc because of a misplaced isOk check. • https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49740 – wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads
https://notcve.org/view.php?id=CVE-2022-49740
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads This patch fixes slab-out-of-bounds reads in brcmfmac that occur in brcmf_construct_chaninfo() and brcmf_enable_bw40_2g() when the count value of channel specifications provided by the device is greater than the length of 'list->element[]', decided by the size of the 'list' ... • https://git.kernel.org/stable/c/9cf5e99c1ae1a85286a76c9a970202750538394c •
CVSS: -EPSS: 0%CPEs: 5EXPL: 0CVE-2022-49051 – net: usb: aqc111: Fix out-of-bounds accesses in RX fixup
https://notcve.org/view.php?id=CVE-2022-49051
26 Feb 2025 — In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: - The metadata array (desc_offset..desc_offset+2*pkt_count) can be out of bounds, causing OOB reads and (on big-endian systems) OOB endianness flips. • https://git.kernel.org/stable/c/17364b805f5b9016bb528241ba91481e3497e5e1 •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1674 – Out of bounds read when unpacking DNS answers
https://notcve.org/view.php?id=CVE-2025-1674
25 Feb 2025 — A lack of input validation allows for out of bounds reads caused by malicious or malformed packets. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-x975-8pgf-qh66 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2024-53150 – Linux Kernel Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2024-53150
24 Dec 2024 — In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of each descriptor at traversing for clock descriptors. In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out of bounds reads when finding clock sources The current USB-audio driver code doesn't check bLength of... • https://git.kernel.org/stable/c/a632bdcb359fd8145e86486ff8612da98e239acd • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2024-11614 – Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library
https://notcve.org/view.php?id=CVE-2024-11614
18 Dec 2024 — An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. ... Issues addressed include a denial of service vulnerability. • https://access.redhat.com/security/cve/CVE-2024-11614 • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47602 – GHSL-2024-250: Streamer NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer
https://notcve.org/view.php?id=CVE-2024-47602
11 Dec 2024 — GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been discovered in the gst_matroska_demux_add_wvpk_header function within matroska-demux.c. This function does not properly check the validity of the stream->codec_priv pointer in the following code. If stream->codec_priv is NULL, the call to GST_READ_UINT16_LE will attempt to dereference a null pointer, leading to a crash of the application. ... An attacker c... • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8057.patch • CWE-125: Out-of-bounds Read CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2017-17772 – Multiple buffer overread vulnerabilities in WLAN
https://notcve.org/view.php?id=CVE-2017-17772
26 Nov 2024 — In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9371
https://notcve.org/view.php?id=CVE-2018-9371
19 Nov 2024 — In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-06-01 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •