| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soup_multipart_input_stream_read_headers() function inside soup-multipart-input-stream.c, which does not adequately restrict or validate the size of incoming multipart boundary strings. When processing a crafted HTTP response containing a malformed or oversized boundary parameter, the internal stream reader reads past the allocated buffer bounds. A remote, unauthenticated attacker can exploit this behavior to cause a service denial (DoS) through application failure or potentially read fragments of unauthorized memory metadata. |
| DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row.
When the statement handle had no fields but the source row was non-empty, the internal row-buffer helper would read from a negative array index.
This could be triggered by a caller supplying inconsistent metadata and rows to the prepare method. |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. |
| Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to elevate privileges with a physical attack. |
| Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to execute code with a physical attack. |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. |
| Improper validation of consistency within input in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Stack-based buffer overflow in Windows App Installer allows an authorized attacker to elevate privileges locally. |
| Stack-based buffer overflow in Windows GDI allows an authorized attacker to elevate privileges locally. |
| Out-of-bounds read in Windows Kernel allows an unauthorized attacker to disclose information over a network. |
| Out-of-bounds read in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally. |
| Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally. |
| Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network. |
| Insufficient granularity of access control in Windows Event Logging Service allows an authorized attacker to execute code over a network. |
| Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network. |
| Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally. |
| Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally. |
| Stack-based buffer overflow in Microsoft Fabric Data Warehouse allows an authorized attacker to execute code over a network. |