430 matches found
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in its ability to read data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.
The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models involves reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current user...
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, relates to reading data beyond the buffer in memory, allowing an attacker to execute arbitrary code.
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, is related to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Linux operating system’s USB kernel component, which allows a hacker to increase their privileges within the system
The vulnerability of the Linux operating system’s USB kernel component relates to the operation of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...
SUSE CVE-2024-7347
NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and the mp4 directi...
The vulnerability of the Ivanti Connect Secure access control tool, related to reading data outside the buffer in memory, allows a intruder to execute arbitrary code.
The vulnerability of the Ivanti Connect Secure access control tool lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the ASP TCP component on MacOs allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ASP TCP component on MacOs systems is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the ice component in the Linux operating system’s kernel is related to errors in reading beyond the allocated memory buffer. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the Digital Media component of Windows operating systems, which allows attackers to enhance their privileges
The vulnerability of the Digital Media component of Windows operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the CSC (Client-Side Caching) service in Windows operating systems allows attackers to disclose sensitive information.
The vulnerability of the CSC Client-Side Caching service in Windows operating systems lies in the fact that operations may be performed outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the system’s security...
The vulnerability of the IPsec IKE service in the FortiOS operating system and the scalable cloud security system FortiSASE allows a attacker to induce a service failure.
The vulnerability of the IPsec IKE service in the FortiOS operating system and the scalable cloud security system FortiSASE is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures through specially crafted...
The vulnerability of the Digital Media component of Windows operating systems allows attackers to elevate their privileges to a system-level level.
The vulnerability of the Digital Media component of Windows operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to a system-level level...
The vulnerability of the Exiv2 metadata management library, related to reading data outside of the allowed range in memory, allows a hacker to cause a service failure.
The vulnerability of the Exiv2 metadata management library relates to reading data outside the allowed range in memory when metadata is written to the created image file. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of Ivanti Connect Secure (formerly Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons for ZTA – tools for managing IT services – stems from reading data outside of the buffer in memory. This allows attackers to execute arbitrary code.
The vulnerability of Ivanti Connect Secure formerly Pulse Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA, which are tools for managing IT services, lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitra...
PT-2025-26177 · Clamav +3 · Clamav +3
Name of the Vulnerable Software and Affected Versions: ClamAV affected versions not specified Description: A vulnerability in Universal Disk Format UDF processing could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This issue is due to...
The vulnerability of the gst_avi_subtitle_parse_gab2_chunk function in the Gstreamer multimedia framework allows a hacker to cause a service failure.
The vulnerability of the gstavisubtitleparsegab2chunk function in the Gstreamer multimedia framework is related to reading beyond the allowed range of memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the qtdemux_parse_container function in the Gstreamer multimedia framework allows a hacker to trigger a service failure.
The vulnerability of the qtdemuxparsecontainer function in the Gstreamer multimedia framework is related to reading data beyond the permitted range in memory during the execution of this function. Exploiting this vulnerability can allow an attacker to cause service failures remotely...
The vulnerability of the atl1c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the atl1c component in the Linux operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...
The vulnerability of the hevc_frame_end function (libavcodec/hevcdec.c) in the FFmpeg multimedia library allows a hacker to disclose protected information.
The vulnerability of the hevcframeend function in the FFmpeg multimedia library libavcodec/hevcdec.c relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to disclose protected information...
The vulnerability of the netfilter component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the netfilter component in the Linux operating system’s kernel is related to errors in reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of GRUB’s NTFS driver, a loader program for operating systems, relates to reading memory beyond the buffer boundaries, allowing an attacker to read the contents of the RAM.
The vulnerability of the GRUB loader driver for NTFS operating systems involves reading memory beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to read the contents of the RAM...