Search Results (530 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-31082 1 Redhat 1 Enterprise Linux 2026-04-15 7.3 High
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
CVE-2024-28326 1 Asus 1 Rt-n12\+ B1 Firmware 2026-04-15 6.8 Medium
Incorrect Access Control in ASUS RT-N12+ B1 and RT-N12 D1 routers allows local attackers to obtain root terminal access via the the UART interface.
CVE-2024-31080 1 Redhat 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2026-04-15 7.3 High
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
CVE-2024-12011 2026-04-15 7.6 High
A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote unauthenticated attacker can exploit this vulnerability in order to leak valid authentication tokens from the process memory associated to users currently logged to the system and bypass the authentication mechanism.
CVE-2025-22889 1 Intel 3 Processor, Xeon, Xeon Processors 2026-04-15 7.9 High
Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-48973 1 Baxter 1 Life2000 Ventilator Firmware 2026-04-15 9.3 Critical
The debug port on the ventilator's serial interface is enabled by default. This could allow an attacker to send and receive messages over the debug port (which are unencrypted; see 3.2.1) that result in unauthorized disclosure of information and/or have unintended impacts on device settings and performance.
CVE-2024-12975 2026-04-15 N/A
A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface.
CVE-2025-0012 1 Amd 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors 2026-04-15 N/A
Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality.
CVE-2025-4207 1 Postgresql 1 Postgresql 2026-04-15 5.9 Medium
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected.
CVE-2025-7745 2026-04-15 5.8 Medium
Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2.
CVE-2025-29948 1 Amd 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors 2026-04-15 N/A
Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.
CVE-2026-4371 1 Mozilla 1 Thunderbird 2026-04-14 7.4 High
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9.
CVE-2026-21381 1 Qualcomm 207 Ar8035, Ar8035 Firmware, Cologne and 204 more 2026-04-13 7.6 High
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
CVE-2025-47390 1 Qualcomm 59 Cologne, Cologne Firmware, Fastconnect 6700 and 56 more 2026-04-09 7.8 High
Memory corruption while preprocessing IOCTL request in JPEG driver.
CVE-2025-47400 1 Qualcomm 23 Pandeiro, Pandeiro Firmware, Snapdragon and 20 more 2026-04-09 7.1 High
Cryptographic issue while copying data to a destination buffer without validating its size.
CVE-2026-21367 1 Qualcomm 301 Ar8035, Ar8035 Firmware, Cologne and 298 more 2026-04-09 7.6 High
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
CVE-2026-21371 1 Qualcomm 105 Aqt1000, Aqt1000 Firmware, Cologne and 102 more 2026-04-09 7.8 High
Memory Corruption when retrieving output buffer with insufficient size validation.
CVE-2026-21373 1 Qualcomm 109 Aqt1000, Aqt1000 Firmware, Cologne and 106 more 2026-04-09 7.8 High
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVE-2026-21374 1 Qualcomm 109 Aqt1000, Aqt1000 Firmware, Cologne and 106 more 2026-04-09 7.8 High
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
CVE-2026-21375 1 Qualcomm 71 Cologne, Cologne Firmware, Fastconnect 6700 and 68 more 2026-04-09 7.8 High
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.