47 matches found
Advisory ROSA-SA-2025-3064
Software: libwebp 1.0.0 OS: ROSA Virtualization 2.1 unaffected versions = libwebp-1.0.0.0-10.0.1.rv3 affected versions libwebp-1.0.0.0-10.0.1.rv3 CVE-ID: CVE-2023-4863 BDU-ID: TO600, TO601, TO675, TO797, TO826 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the libwebp library for WebP image...
EUVD-2017-6388
Malware in sbrugna...
EUVD-2014-9797
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-6956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. It is a buffer over-read in psmixphase in libfaad/psdec.c. CVE-2019-6956 Note that...
CVE-2025-5456
A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a remote unauthenticated attacker to trigger a...
The vulnerability of the Adobe Substance 3D Viewer application, which allows for the reading beyond the buffer in memory, enables attackers to disclose protected information.
The vulnerability of the Adobe Substance 3D Viewer application for viewing and editing 3D files is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created file...
CVE-2025-32989
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
CVE-2022-40518
Information disclosure due to buffer overread in Core...
ruby security update
3.0.7-163 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: rbhz2322153 3.0.7-162 - Upgrade to Ruby 3.0.7. Resolves: RHEL-35740 - Fix HTTP response splitting in CGI. Resolves: RHEL-35741 - Fix ReDoS vulnerability in URI. Resolves: RHEL-35742 - Fix ReDoS vulnerability in Time. Resolves:...
The vulnerabilities of the 3D viewing tool JTJT2Go, the Product Lifecycle Management system Teamcenter Visualization, and the 3D geometric modeling tool Parasolid allow a perpetrator to execute arbitrary code.
The vulnerability of the 3D viewing tool JT, JT2Go, the product lifecycle management system Teamcenter Visualization, and the 3D geometric modeling tool Parasolid relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using...
The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...
EulerOS 2.0 SP9 : ruby (EulerOS-SA-2024-2381)
According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and unge...
nginx -- Vulnerability in the ngx_http_mp4_module
The nginx development team reports: This update fixes the buffer overread vulnerability in the ngxhttpmp4module...
ruby:3.3 security, bug fix, and enhancement update
An update is available for rubygem-pg, module.rubygem-mysql2, rubygem-mysql2, module.rubygem-pg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Ruby is an...
RLSA-2024:3671 Moderate: ruby:3.3 security, bug fix, and enhancement update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: ruby 3.3. Rocky Linux-37697 Security Fixes: ruby: Buffer overread...
Oracle Linux 8 : ruby:3.1 (ELSA-2024-3546)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3546 advisory. ruby 3.1.5-143 - Upgrade to Ruby 3.1.5. Resolves: RHEL-35748 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-35749 - Fix RCE...
Rocky Linux 8 : ruby:3.3 (RLSA-2024:3670)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3670 advisory. ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory...
Rocky Linux 9 : ruby:3.3 (RLSA-2024:3671)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3671 advisory. ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Arbitrary memory...
Rocky Linux 8 : ruby:3.1 (RLSA-2024:3546)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:3546 advisory. ruby: RCE vulnerability with .rdocoptions in RDoc CVE-2024-27281 ruby: Buffer overread vulnerability in StringIO CVE-2024-27280 ruby: Arbitrary memory...
Moderate: Red Hat Security Advisory: ruby security update
An update for ruby is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...