23 matches found
CVE-2026-14408
CVE-2026-14408 affects Google Chrome Dawn prior to 150.0.7871.46, with an uninitialized use in Dawn allowing a remote attacker to read potentially sensitive information from process memory via a crafted HTML page. The vulnerability’s impact is described as information disclosure (Medium severity)...
CVE-2026-53467
A flaw was found in ImageMagick. The MNG decoder in ImageMagick contains a heap information disclosure vulnerability. This flaw could allow an attacker to potentially access sensitive information from memory due to parts of image pixels being left unchanged during processing. This could lead to...
CVE-2026-14112
Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14061
The CVE-2026-14061 issue affects Dawn in Google Chrome, prior to version 150.0.7871.47. It is described as an insecure implementation that could allow a remote attacker to obtain potentially sensitive data from process memory via a crafted HTML page. Affected component: Dawn within Chrome. Root c...
EUVD-2023-58451
Malicious code in bioql PyPI...
SUSE SLED15: ffmpeg / ffmpeg-private-devel / libavcodec-devel / libavcodec57 / etc (SUSE-SU-2025:1450-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1450-1 advisory. - CVE-2025-22921: Clear array length when freeing it. bsc1237382 - CVE-2025-0518: Fix memory dat...
Linux Distros Unpatched Vulnerability : CVE-2019-12360
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted...
CVE-2025-0518 Unchecked sscanf return value which leads to memory data leak
Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/afpan.C . This issue affects FFmpeg: 7.1. Issue was fixed: ...
CVE-2025-0518
CVE-2025-0518 affects FFmpeg 7.1 and is due to an unchecked return value causing an out-of-bounds read in libavfilter/af_pan.C. The issue is addressed by the FFmpeg commit b5b6391d64807578ab872dc58fb8aa621dcfc38a, which provides the fix. Discovery credited to Simcha Kosman. Public references in c...
llama.cpp Global Buffer Overflow Vulnerability
llama.cpp is a multimodal model. A global buffer overflow vulnerability exists in llama.cpp, which can be exploited by an attacker to cause a memory data leak...
grub2: out-of-bounds read at fs/ntfs.c
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to...
Amazon Linux 2 : thunderbird (ALAS-2024-2379)
The version of thunderbird installed on the remote host is prior to 115.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2379 advisory. On some systems--depending on the graphics settings and drivers--it was possible to force an out-of-bounds read and...
Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer
The Mozilla Foundation Security Advisory describes this flaw as: On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element...
RHEL 9 : firefox (RHSA-2023:7510)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7510 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
Mozilla Firefox < 115.5
The version of Firefox installed on the remote Windows host is prior to 115.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-50 advisory. - On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read and leak...
Medium: libssh2
Issue Overview: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the libssh2packetrequire and libssh2packetrequirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. CVE-2019-3859 An out of...
Vulnerability fixed in AMD processors
AMD has fixed a vulnerability with reference CVE-2021-26401 for the Ryzen and Athlon processors. This vulnerability has the same cause as the vulnerability known as Spectre, with attribute CVE-2017-5717. This vulnerability allows a malicious party to obtain sensitive data from the memory of a loc...
MGASA-2020-0291 Updated xpdf packages fix security vulnerability
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...
Stack overflow
A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...
Adobe Acrobat/Reader Memory Disclosure Vulnerability (CNVD-2015-06748)
Adobe Reader/Acrobat is a popular application for working with PDF files. A memory disclosure vulnerability exists in Adobe Reader/Acrobat. An attacker is allowed to construct a malicious PDF file and trick the user into parsing it, which can obtain sensitive memory information...