Filtered by CWE-125
Total 7866 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-21728 1 Google 1 Tensorflow 2025-05-05 8.1 High
Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `ReverseSequence` does not fully validate the value of `batch_dim` and can result in a heap OOB read. There is a check to make sure the value of `batch_dim` does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of `Dim` would access elements before the start of an array. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
CVE-2022-21726 1 Google 1 Tensorflow 2025-05-05 8.1 High
Tensorflow is an Open Source Machine Learning Framework. The implementation of `Dequantize` does not fully validate the value of `axis` and can result in heap OOB accesses. The `axis` argument can be `-1` (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked and this results in reading past the end of the array containing the dimensions of the input tensor. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
CVE-2022-21240 1 Intel 6 Proset Wi-fi 6e Ax210, Proset Wi-fi 6e Ax210 Firmware, Wi-fi 6e Ax211 and 3 more 2025-05-05 4.4 Medium
Out of bounds read for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable information disclosure via local access.
CVE-2022-21226 1 Intel 1 Trace Analyzer And Collector 2025-05-05 5.5 Medium
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-21133 1 Intel 1 Trace Analyzer And Collector 2025-05-05 5.5 Medium
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2021-42374 3 Busybox, Fedoraproject, Netapp 19 Busybox, Fedora, Cloud Backup and 16 more 2025-05-05 5.3 Medium
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that
CVE-2021-33120 1 Intel 50 Atom P5921b, Atom P5921b Firmware, Atom P5931b and 47 more 2025-05-05 5.4 Medium
Out of bounds read under complex microarchitectural condition in memory subsystem for some Intel Atom(R) Processors may allow authenticated user to potentially enable information disclosure or cause denial of service via network access.
CVE-2021-33105 1 Intel 4 Core I5-8305g, Core I5-8305g Firmware, Core I7-8706g and 1 more 2025-05-05 5.5 Medium
Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM) RX Vega M GL integrated graphics before version 21.10 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2021-31239 1 Sqlite 1 Sqlite 2025-05-05 7.5 High
An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function.
CVE-2021-26950 1 Intel 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more 2025-05-05 5.5 Medium
Out of bounds read in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2021-26254 1 Intel 18 Killer Ac 1550, Killer Ac 1550 Firmware, Killer Wi-fi 6 Ax1650 and 15 more 2025-05-05 5.5 Medium
Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable denial of service via local access.
CVE-2021-23179 1 Intel 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more 2025-05-05 7.1 High
Out of bounds read in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow a privileged user to potentially enable information disclosure via local access.
CVE-2021-23168 1 Intel 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more 2025-05-05 6.5 Medium
Out of bounds read for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2021-0118 2 Intel, Netapp 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more 2025-05-05 6.7 Medium
Out-of-bounds read in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-9675 2 Adobe, Microsoft 2 Bridge, Windows 2025-05-05 7.8 High
Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2019-8244 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2025-05-05 4.3 Medium
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-8243 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2025-05-05 4.3 Medium
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-8242 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2025-05-05 4.3 Medium
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-8241 3 Adobe, Apple, Microsoft 3 Media Encoder, Macos, Windows 2025-05-05 4.3 Medium
Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2024-34244 1 Libmodbus 1 Libmodbus 2025-05-05 7.5 High
libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors.