EUVD-2016-4697

Malware in sbrugna...

EUVD-2018-17638

Malware in sbrugna...

EUVD-2018-3330

Malware in sbrugna...

Unity Linux 20.1070e Security Update: exempi (UTSA-2025-987411)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987411 advisory. XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could...

OESA-2025-2293 exempi security update

Exempi is an implementation of XMP. Version 2.x is based on Adobe XMP SDK and released under a BSD-style license like Adobe's. Security Fixes: XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacke...

AVX-Based Timing Side Channel — ASLR Detection

This work demonstrates a technique for detecting ASLR using AVX memory load instructions combined with RDTSCP timing and SIGSEGV detection. It illustrates how side-channel timing measurements can be applied to analyze memory layout randomization...

CVE-2011-10023

MJM QuickPlayer likely now referred to as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitra...

CVE-2011-10023

MJM QuickPlayer also known as MJM Player version 2010 contains a stack-based buffer overflow vulnerability triggered by opening a malicious .s3m music file. The flaw occurs due to improper bounds checking in the file parser, allowing an attacker to overwrite memory and execute arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2017-11472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The acpinsterminate function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump,...

Linux Distros Unpatched Vulnerability : CVE-2017-1000410

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Acrobat 2024, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 involve reading beyond the buffer in memory. This allows attackers to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Acrobat 2024, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow...

CVE-2025-21168

Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2025-43578

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires...

CVE-2025-43551

Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

The vulnerability of the Adobe Framemaker desktop publishing system arises from the possibility of an operation going beyond the buffer boundaries in memory. This allows a hacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information...

CVE-2025-27204

After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2025-27184

After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

CVE-2025-27186

After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

The vulnerability of Adobe Substance 3D Modeler software lies in its ability to read data beyond the allowed range of memory. This allows attackers to bypass the ASLR protection mechanism and disclose confidential information.

The vulnerability of the Adobe Substance 3D Modeler software-related to reading data beyond the allowed range of memory. Exploiting this vulnerability could allow an attacker to bypass ASLR protection and disclose confidential information...

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. bsc1234102 CVE-2024-12087: arbitrary file...