Common Weakness Enumeration

CWE-125

Allowed

Out-of-bounds Read

Abstraction: Base · Status: Draft

The product reads data past the end, or before the beginning, of the intended buffer.

11292 vulnerabilities reference this CWE, most recent first.

CVE-2023-22845 (GCVE-0-2023-22845)

Vulnerability from cvelistv5 – Published: 2023-03-30 15:47 – Updated: 2024-08-02 10:20
VLAI
Summary
An out-of-bounds read vulnerability exists in the TGAInput::decode_pixel() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
OpenImageIO Project OpenImageIO Affected: v2.4.7.1
Create a notification for this product.
openimageio openimageio Affected: 2.4.7.1
    cpe:2.3:a:openimageio:openimageio:2.4.7.1:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:20:30.734Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1708"
          },
          {
            "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1708",
            "tags": [
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1708"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:openimageio:openimageio:2.4.7.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "openimageio",
            "vendor": "openimageio",
            "versions": [
              {
                "status": "affected",
                "version": "2.4.7.1"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22845",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T14:16:06.994887Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T14:18:27.673Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "OpenImageIO",
          "vendor": "OpenImageIO Project",
          "versions": [
            {
              "status": "affected",
              "version": "v2.4.7.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds read vulnerability exists in the TGAInput::decode_pixel() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-30T15:47:40.603Z",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1708",
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1708"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2023-22845",
    "datePublished": "2023-03-30T15:47:40.603Z",
    "dateReserved": "2023-01-25T21:45:19.329Z",
    "dateUpdated": "2024-08-02T10:20:30.734Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22656 (GCVE-0-2023-22656)

Vulnerability from cvelistv5 – Published: 2024-05-16 20:47 – Updated: 2024-08-02 10:13
VLAI
Summary
Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • escalation of privilege
  • CWE-125 - Out-of-bounds read
  • CWE-125 - Out-of-bounds Read
Assigner
Impacted products
Vendor Product Version
n/a Intel(R) Media SDK and some Intel(R) oneVPL software Affected: before version 23.3.5
intel media_sdk Affected: -
    cpe:2.3:a:intel:media_sdk:-:*:*:*:*:*:*:*
Create a notification for this product.
intel onevpl_gpu_runtime Affected: 0 , < 23.3.5 (semver)
    cpe:2.3:a:intel:onevpl_gpu_runtime:*:*:*:*:*:*:*:*
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:intel:media_sdk:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "media_sdk",
            "vendor": "intel",
            "versions": [
              {
                "status": "affected",
                "version": "-"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:intel:onevpl_gpu_runtime:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "onevpl_gpu_runtime",
            "vendor": "intel",
            "versions": [
              {
                "lessThan": "23.3.5",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22656",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-20T14:57:28.358305Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-125",
                "description": "CWE-125 Out-of-bounds Read",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-05T19:27:18.515Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:13:49.818Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html",
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) Media SDK and some Intel(R) oneVPL software",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 23.3.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "escalation of privilege",
              "lang": "en"
            },
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-16T20:47:41.469Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html",
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00935.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2023-22656",
    "datePublished": "2024-05-16T20:47:41.469Z",
    "dateReserved": "2023-01-11T04:00:03.391Z",
    "dateUpdated": "2024-08-02T10:13:49.818Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22485 (GCVE-0-2023-22485)

Vulnerability from cvelistv5 – Published: 2023-01-24 00:26 – Updated: 2025-03-10 21:20
VLAI
Title
cmark-gfm out-of-bounds read in validate_protocol
Summary
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the `validate_protocol` function. We believe this bug is harmless in practice, because the out-of-bounds read accesses `malloc` metadata without causing any visible damage.This vulnerability has been patched in 0.29.0.gfm.7.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
github cmark-gfm Affected: < 0.29.0.gfm.7
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:13:48.514Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22485",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-10T21:02:09.252840Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-10T21:20:51.304Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "cmark-gfm",
          "vendor": "github",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.29.0.gfm.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "cmark-gfm is GitHub\u0027s fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior 0.29.0.gfm.7, a crafted markdown document can trigger an out-of-bounds read in the `validate_protocol` function. We believe this bug is harmless in practice, because the out-of-bounds read accesses `malloc` metadata without causing any visible damage.This vulnerability has been patched in 0.29.0.gfm.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-24T00:26:57.671Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr"
        }
      ],
      "source": {
        "advisory": "GHSA-c944-cv5f-hpvr",
        "discovery": "UNKNOWN"
      },
      "title": "cmark-gfm out-of-bounds read in validate_protocol"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-22485",
    "datePublished": "2023-01-24T00:26:57.671Z",
    "dateReserved": "2022-12-29T17:41:28.088Z",
    "dateUpdated": "2025-03-10T21:20:51.304Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22354 (GCVE-0-2023-22354)

Vulnerability from cvelistv5 – Published: 2023-04-20 18:13 – Updated: 2025-01-16 21:35
VLAI
Title
Datakit CrossCAD/Ware
Summary
Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Datakit CrossCAD/Ware_x64 library 0 Affected: 0 , < 2023.1 (custom)
Create a notification for this product.
Date Public
2023-04-13 17:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:06.482Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22354",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T20:21:18.232730Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T21:35:58.720Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CrossCAD/Ware_x64 library 0",
          "vendor": "Datakit",
          "versions": [
            {
              "lessThan": "2023.1 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-04-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \u003c/span\u003e\n\n \u003c/span\u003e\n\n \u003c/span\u003e\n\n"
            }
          ],
          "value": "\n\n\n\n\nDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \n\n \n\n \n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-20T18:13:50.042Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eDatakit recommends user upgrade to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.datakit.com/en/crosscad_ware.php\"\u003ev2023.1\u003c/a\u003e\u0026nbsp;or later. \u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "\nDatakit recommends user upgrade to  v2023.1 https://www.datakit.com/en/crosscad_ware.php \u00a0or later. \n\n\n\n\n"
        }
      ],
      "source": {
        "advisory": "ICSA-23-103-14",
        "discovery": "EXTERNAL"
      },
      "title": "Datakit CrossCAD/Ware",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk:\u003c/p\u003e\u003cul\u003e\u003cli\u003eDo not open untrusted SLDPRT files with CrossCAD/Ware\u003c/li\u003e\u003cli\u003eUpdate CrossCAD/Ware to 2023.1 or a later version.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "\nDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk:\n\n  *  Do not open untrusted SLDPRT files with CrossCAD/Ware\n  *  Update CrossCAD/Ware to 2023.1 or a later version.\n\n\n\n\n\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2023-22354",
    "datePublished": "2023-04-20T18:13:50.042Z",
    "dateReserved": "2023-01-23T18:59:04.552Z",
    "dateUpdated": "2025-01-16T21:35:58.720Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22338 (GCVE-0-2023-22338)

Vulnerability from cvelistv5 – Published: 2023-08-11 02:37 – Updated: 2025-02-13 16:43
VLAI
Summary
Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • information disclosure
  • CWE-125 - Out-of-bounds read
Assigner
Impacted products
Vendor Product Version
n/a Intel(R) oneVPL GPU software Affected: before version 22.6.5
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:05.808Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html",
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J7RNFPWOSFII2JE2KDRHPLJANZC3YATW/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TULYSWHC3X76AIGGMUSLBTWOXNND6IEV/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L27GRS7E45IOCZ44VQX2NJ33GVRBWHBS/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22338",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T14:22:23.675605Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T14:24:39.216Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Intel(R) oneVPL GPU software",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "before version 22.6.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Out-of-bounds read in some Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable information disclosure via local access."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "information disclosure",
              "lang": "en"
            },
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-03T20:06:16.019Z",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html",
          "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J7RNFPWOSFII2JE2KDRHPLJANZC3YATW/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TULYSWHC3X76AIGGMUSLBTWOXNND6IEV/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L27GRS7E45IOCZ44VQX2NJ33GVRBWHBS/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2023-22338",
    "datePublished": "2023-08-11T02:37:03.161Z",
    "dateReserved": "2023-01-07T04:00:03.830Z",
    "dateUpdated": "2025-02-13T16:43:51.062Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22321 (GCVE-0-2023-22321)

Vulnerability from cvelistv5 – Published: 2023-04-20 18:12 – Updated: 2025-01-16 21:36
VLAI
Title
Datakit CrossCAD/Ware
Summary
Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Datakit CrossCAD/Ware_x64 library 0 Affected: 0 , < 2023.1 (custom)
Create a notification for this product.
Date Public
2023-04-13 17:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:06.062Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22321",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T20:21:20.976360Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T21:36:07.126Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CrossCAD/Ware_x64 library 0",
          "vendor": "Datakit",
          "versions": [
            {
              "lessThan": "2023.1 ",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-04-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \u003c/span\u003e\n\n \u003c/span\u003e\n\n"
            }
          ],
          "value": "\n\n\nDatakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information. \n\n \n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-20T18:12:15.327Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cp\u003eDatakit recommends user upgrade to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.datakit.com/en/crosscad_ware.php\"\u003ev2023.1\u003c/a\u003e\u0026nbsp;or later. \u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "\nDatakit recommends user upgrade to  v2023.1 https://www.datakit.com/en/crosscad_ware.php \u00a0or later. \n\n\n\n\n"
        }
      ],
      "source": {
        "advisory": "ICSA-23-103-14",
        "discovery": "EXTERNAL"
      },
      "title": "Datakit CrossCAD/Ware",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\n\n\n\n\n\n\n\u003cp\u003eDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk: \u003c/p\u003e\n\u003cul\u003e\u003cli\u003eDo not open untrusted SLDPRT files with CrossCAD/Ware \u003c/li\u003e\n\u003cli\u003eUpdate CrossCAD/Ware to 2023.1 or a later version.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "\n\n\n\n\n\n\n\nDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk: \n\n\n  *  Do not open untrusted SLDPRT files with CrossCAD/Ware \n\n  *  Update CrossCAD/Ware to 2023.1 or a later version.\n\n\n\n\n\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2023-22321",
    "datePublished": "2023-04-20T18:12:15.327Z",
    "dateReserved": "2023-01-23T18:59:04.538Z",
    "dateUpdated": "2025-01-16T21:36:07.126Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22295 (GCVE-0-2023-22295)

Vulnerability from cvelistv5 – Published: 2023-04-20 18:09 – Updated: 2025-01-16 21:36
VLAI
Title
CVE-2023-22295
Summary
Datakit CrossCadWare_x64.dll contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Impacted products
Vendor Product Version
Datakit CrossCAD/Ware_x64 library Affected: 0 , < 2023.1 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:05.783Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22295",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T20:21:23.843157Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T21:36:13.393Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "CrossCAD/Ware_x64 library",
          "vendor": "Datakit",
          "versions": [
            {
              "lessThan": "2023.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eDatakit CrossCadWare_x64.dll contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.\u003c/p\u003e"
            }
          ],
          "value": "Datakit CrossCadWare_x64.dll contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-20T18:09:44.137Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-103-14"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\nDatakit recommends user upgrade to \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.datakit.com/en/crosscad_ware.php\"\u003ev2023.1\u003c/a\u003e\u0026nbsp;or later. \n\n\u003cbr\u003e"
            }
          ],
          "value": "Datakit recommends user upgrade to  v2023.1 https://www.datakit.com/en/crosscad_ware.php \u00a0or later. \n\n\n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "CVE-2023-22295",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\u003cp\u003eDatakit has identified specific workarounds and mitigations that should be applied to reduce the risk: \u003c/p\u003e\n\u003cul\u003e\u003cli\u003eDo not open untrusted SLDPRT files with CrossCAD/Ware \u003c/li\u003e\n\u003cli\u003eUpdate CrossCAD/Ware to 2023.1 or a later version. \u003c/li\u003e\n\u003c/ul\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Datakit has identified specific workarounds and mitigations that should be applied to reduce the risk: \n\n\n  *  Do not open untrusted SLDPRT files with CrossCAD/Ware \n\n  *  Update CrossCAD/Ware to 2023.1 or a later version. \n\n\n\n\n\n\n"
        }
      ],
      "x_generator": {
        "engine": "VINCE 2.0.7",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2023-22295"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2023-22295",
    "datePublished": "2023-04-20T18:09:44.137Z",
    "dateReserved": "2023-01-23T18:59:04.548Z",
    "dateUpdated": "2025-01-16T21:36:13.393Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22233 (GCVE-0-2023-22233)

Vulnerability from cvelistv5 – Published: 2023-02-17 00:00 – Updated: 2024-08-02 13:29
VLAI
Title
Adobe After Effects Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Summary
After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-125 - Out-of-bounds Read (CWE-125)
Assigner
Impacted products
Vendor Product Version
Adobe After Effects Affected: unspecified , ≤ 23.1 (custom)
Affected: unspecified , ≤ 22.6.3 (custom)
Affected: unspecified , ≤ None (custom)
Create a notification for this product.
adobe after_effects Affected: 0 , ≤ 23.1 (custom)
Affected: 0 , ≤ 22.6.3 (custom)
    cpe:2.3:a:adobe:after_effects:*:*:*:*:*:macos:*:*
Create a notification for this product.
adobe after_effects Affected: 0 , ≤ 23.1 (custom)
Affected: 0 , ≤ 22.6.3 (custom)
    cpe:2.3:a:adobe:after_effects:*:*:*:*:*:windows:*:*
Create a notification for this product.
Date Public
2023-02-14 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:04.869Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://helpx.adobe.com/security/products/after_effects/apsb23-02.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:macos:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "after_effects",
            "vendor": "adobe",
            "versions": [
              {
                "lessThanOrEqual": "23.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "22.6.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:adobe:after_effects:*:*:*:*:*:windows:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "after_effects",
            "vendor": "adobe",
            "versions": [
              {
                "lessThanOrEqual": "23.1",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "lessThanOrEqual": "22.6.3",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22233",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-02T12:56:48.625152Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-02T13:29:46.833Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "After Effects",
          "vendor": "Adobe",
          "versions": [
            {
              "lessThanOrEqual": "23.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "22.6.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "None",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-02-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read (CWE-125)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-17T00:00:00.000Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "url": "https://helpx.adobe.com/security/products/after_effects/apsb23-02.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Adobe After Effects Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2023-22233",
    "datePublished": "2023-02-17T00:00:00.000Z",
    "dateReserved": "2022-12-19T00:00:00.000Z",
    "dateUpdated": "2024-08-02T13:29:46.833Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22231 (GCVE-0-2023-22231)

Vulnerability from cvelistv5 – Published: 2023-02-17 00:00 – Updated: 2025-03-05 19:26
VLAI
Title
Adobe Bridge Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Summary
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-125 - Out-of-bounds Read (CWE-125)
Assigner
Impacted products
Vendor Product Version
Adobe Bridge Affected: unspecified , ≤ 12.0.3 (custom)
Affected: unspecified , ≤ 13.0.1 (custom)
Affected: unspecified , ≤ None (custom)
Create a notification for this product.
Date Public
2023-02-14 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:07:05.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://helpx.adobe.com/security/products/bridge/apsb23-09.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22231",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-05T18:40:59.646306Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-05T19:26:14.783Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Bridge",
          "vendor": "Adobe",
          "versions": [
            {
              "lessThanOrEqual": "12.0.3",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "13.0.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "None",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2023-02-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read (CWE-125)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-17T00:00:00.000Z",
        "orgId": "078d4453-3bcd-4900-85e6-15281da43538",
        "shortName": "adobe"
      },
      "references": [
        {
          "url": "https://helpx.adobe.com/security/products/bridge/apsb23-09.html"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Adobe Bridge Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
    "assignerShortName": "adobe",
    "cveId": "CVE-2023-22231",
    "datePublished": "2023-02-17T00:00:00.000Z",
    "dateReserved": "2022-12-19T00:00:00.000Z",
    "dateUpdated": "2025-03-05T19:26:14.783Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-21819 (GCVE-0-2023-21819)

Vulnerability from cvelistv5 – Published: 2023-02-14 19:33 – Updated: 2025-01-01 00:41
VLAI
Title
Windows Secure Channel Denial of Service Vulnerability
Summary
Windows Secure Channel Denial of Service Vulnerability
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Impacted products
Vendor Product Version
Microsoft Windows 10 Version 1809 Affected: 10.0.17763.0 , < 10.0.17763.4010 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 1809 Affected: 10.0.0 , < 10.0.17763.4010 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 Affected: 10.0.17763.0 , < 10.0.17763.4010 (custom)
Create a notification for this product.
Microsoft Windows Server 2019 (Server Core installation) Affected: 10.0.17763.0 , < 10.0.17763.4010 (custom)
Create a notification for this product.
Microsoft Windows Server 2022 Affected: 10.0.20348.0 , < 10.0.20348.1547 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 20H2 Affected: 10.0.0 , < 10.0.19042.2604 (custom)
Create a notification for this product.
Microsoft Windows 11 version 21H2 Affected: 10.0.0 , < 10.0.22621.1574 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 21H2 Affected: 10.0.19043.0 , < 10.0.19044.2604 (custom)
Create a notification for this product.
Microsoft Windows 10 Version 22H2 Affected: 10.0.19045.0 , < 10.0.19045.2604 (custom)
Create a notification for this product.
Date Public
2023-02-14 08:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:51:51.176Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Windows Secure Channel Denial of Service Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21819"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-21819",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-04T18:06:28.156056Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-04T18:06:39.564Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "32-bit Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.4010",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 1809",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.4010",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.4010",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2019 (Server Core installation)",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.17763.4010",
              "status": "affected",
              "version": "10.0.17763.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems"
          ],
          "product": "Windows Server 2022",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.20348.1547",
              "status": "affected",
              "version": "10.0.20348.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 10 Version 20H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19042.2604",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems"
          ],
          "product": "Windows 11 version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.22621.1574",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "32-bit Systems",
            "ARM64-based Systems",
            "x64-based Systems"
          ],
          "product": "Windows 10 Version 21H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19044.2604",
              "status": "affected",
              "version": "10.0.19043.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "platforms": [
            "x64-based Systems",
            "ARM64-based Systems",
            "32-bit Systems"
          ],
          "product": "Windows 10 Version 22H2",
          "vendor": "Microsoft",
          "versions": [
            {
              "lessThan": "10.0.19045.2604",
              "status": "affected",
              "version": "10.0.19045.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.17763.4010",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
                  "versionEndExcluding": "10.0.17763.4010",
                  "versionStartIncluding": "10.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.4010",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.17763.4010",
                  "versionStartIncluding": "10.0.17763.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.0.20348.1547",
                  "versionStartIncluding": "10.0.20348.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_20H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19042.2604",
                  "versionStartIncluding": "10.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_11_21H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.22621.1574",
                  "versionStartIncluding": "10.0.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_21H2:*:*:*:*:*:*:x86:*",
                  "versionEndExcluding": "10.0.19044.2604",
                  "versionStartIncluding": "10.0.19043.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:microsoft:windows_10_22H2:*:*:*:*:*:*:x64:*",
                  "versionEndExcluding": "10.0.19045.2604",
                  "versionStartIncluding": "10.0.19045.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2023-02-14T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Windows Secure Channel Denial of Service Vulnerability"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-01T00:41:05.542Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Windows Secure Channel Denial of Service Vulnerability",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21819"
        }
      ],
      "title": "Windows Secure Channel Denial of Service Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2023-21819",
    "datePublished": "2023-02-14T19:33:20.984Z",
    "dateReserved": "2022-12-16T22:13:41.245Z",
    "dateUpdated": "2025-01-01T00:41:05.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
  • To reduce the likelihood of introducing an out-of-bounds read, ensure that you validate and ensure correct calculations for any length argument, buffer size calculation, or offset. Be especially careful of relying on a sentinel (i.e. special character such as NUL) in untrusted inputs.
Mitigation
Architecture and Design

Strategy: Language Selection

Use a language that provides appropriate memory abstractions.

CAPEC-540: Overread Buffers

An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.