Lucene search
K

430 matches found

bdu_fstec
bdu_fstec
added 2025/03/13 12:0 a.m.8 views

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models lies in its ability to read data beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Substance 3D Sampler software for creating textures and materials for 3D models involves reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code within the context of the current user...

7.8CVSS6.2AI score0.00221EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2025/03/05 12:0 a.m.6 views

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, relates to reading data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, is related to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.3AI score0.0057EPSS
Exploits0References19Affected Software8
bdu_fstec
bdu_fstec
added 2025/02/18 12:0 a.m.10 views

The vulnerability of the Linux operating system’s USB kernel component, which allows a hacker to increase their privileges within the system

The vulnerability of the Linux operating system’s USB kernel component relates to the operation of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...

7.8CVSS6.8AI score0.00271EPSS
Exploits0References26Affected Software4
susecve
susecve
added 2025/02/14 5:41 a.m.3 views

SUSE CVE-2024-7347

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and the mp4 directi...

5.3CVSS6.3AI score0.0032EPSS
Exploits0References8
bdu_fstec
bdu_fstec
added 2025/02/14 12:0 a.m.25 views

The vulnerability of the Ivanti Connect Secure access control tool, related to reading data outside the buffer in memory, allows a intruder to execute arbitrary code.

The vulnerability of the Ivanti Connect Secure access control tool lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.9CVSS8.6AI score0.03831EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2025/02/13 12:0 a.m.6 views

The vulnerability of the ASP TCP component on MacOs allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the ASP TCP component on MacOs systems is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.4AI score0.00264EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2025/02/03 12:0 a.m.7 views

The vulnerability of the ice component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ice component in the Linux operating system’s kernel is related to errors in reading beyond the allocated memory buffer. Exploiting this vulnerability can allow an attacker to cause a service failure...

4.4CVSS5.6AI score0.00288EPSS
Exploits0References12Affected Software9
bdu_fstec
bdu_fstec
added 2025/01/23 12:0 a.m.8 views

The vulnerability of the Digital Media component of Windows operating systems, which allows attackers to enhance their privileges

The vulnerability of the Digital Media component of Windows operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.8CVSS7.7AI score0.00818EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2025/01/22 12:0 a.m.6 views

The vulnerability of the CSC (Client-Side Caching) service in Windows operating systems allows attackers to disclose sensitive information.

The vulnerability of the CSC Client-Side Caching service in Windows operating systems lies in the fact that operations may be performed outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the system’s security...

5.5CVSS7.8AI score0.00576EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2025/01/20 12:0 a.m.6 views

The vulnerability of the IPsec IKE service in the FortiOS operating system and the scalable cloud security system FortiSASE allows a attacker to induce a service failure.

The vulnerability of the IPsec IKE service in the FortiOS operating system and the scalable cloud security system FortiSASE is related to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures through specially crafted...

7.8CVSS5.5AI score0.00609EPSS
Exploits0References2Affected Software2
bdu_fstec
bdu_fstec
added 2025/01/20 12:0 a.m.6 views

The vulnerability of the Digital Media component of Windows operating systems allows attackers to elevate their privileges to a system-level level.

The vulnerability of the Digital Media component of Windows operating systems relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to a system-level level...

6.8CVSS7.7AI score0.00818EPSS
Exploits0References2
bdu_fstec
bdu_fstec
added 2025/01/16 12:0 a.m.5 views

The vulnerability of the Exiv2 metadata management library, related to reading data outside of the allowed range in memory, allows a hacker to cause a service failure.

The vulnerability of the Exiv2 metadata management library relates to reading data outside the allowed range in memory when metadata is written to the created image file. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.3AI score0.01119EPSS
Exploits0References10Affected Software5
bdu_fstec
bdu_fstec
added 2025/01/09 12:0 a.m.6 views

The vulnerability of Ivanti Connect Secure (formerly Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons for ZTA – tools for managing IT services – stems from reading data outside of the buffer in memory. This allows attackers to execute arbitrary code.

The vulnerability of Ivanti Connect Secure formerly Pulse Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for ZTA, which are tools for managing IT services, lies in the reading of data outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitra...

9CVSS7.8AI score0.99971EPSS
Exploits13References4Affected Software3
ptsecurity
ptsecurity
added 2025/01/01 12:0 a.m.5 views

PT-2025-26177 · Clamav +3 · Clamav +3

Name of the Vulnerable Software and Affected Versions: ClamAV affected versions not specified Description: A vulnerability in Universal Disk Format UDF processing could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This issue is due to...

9.8CVSS6.1AI score0.01535EPSS
Exploits0References31
bdu_fstec
bdu_fstec
added 2024/12/19 12:0 a.m.8 views

The vulnerability of the gst_avi_subtitle_parse_gab2_chunk function in the Gstreamer multimedia framework allows a hacker to cause a service failure.

The vulnerability of the gstavisubtitleparsegab2chunk function in the Gstreamer multimedia framework is related to reading beyond the allowed range of memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

9.4CVSS6.5AI score0.00823EPSS
Exploits0References13Affected Software8
bdu_fstec
bdu_fstec
added 2024/12/19 12:0 a.m.6 views

The vulnerability of the qtdemux_parse_container function in the Gstreamer multimedia framework allows a hacker to trigger a service failure.

The vulnerability of the qtdemuxparsecontainer function in the Gstreamer multimedia framework is related to reading data beyond the permitted range in memory during the execution of this function. Exploiting this vulnerability can allow an attacker to cause service failures remotely...

7.8CVSS6.6AI score0.00915EPSS
Exploits0References13Affected Software8
bdu_fstec
bdu_fstec
added 2024/11/26 12:0 a.m.4 views

The vulnerability of the atl1c component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the atl1c component in the Linux operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

5.5CVSS6.5AI score0.0024EPSS
Exploits0References19Affected Software5
bdu_fstec
bdu_fstec
added 2024/11/26 12:0 a.m.5 views

The vulnerability of the hevc_frame_end function (libavcodec/hevcdec.c) in the FFmpeg multimedia library allows a hacker to disclose protected information.

The vulnerability of the hevcframeend function in the FFmpeg multimedia library libavcodec/hevcdec.c relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to disclose protected information...

6.6CVSS5.8AI score0.00249EPSS
Exploits1References5Affected Software2
bdu_fstec
bdu_fstec
added 2024/11/19 12:0 a.m.4 views

The vulnerability of the netfilter component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the netfilter component in the Linux operating system’s kernel is related to errors in reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS6.7AI score0.00227EPSS
Exploits0References38Affected Software8
bdu_fstec
bdu_fstec
added 2024/11/15 12:0 a.m.15 views

The vulnerability of GRUB’s NTFS driver, a loader program for operating systems, relates to reading memory beyond the buffer boundaries, allowing an attacker to read the contents of the RAM.

The vulnerability of the GRUB loader driver for NTFS operating systems involves reading memory beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to read the contents of the RAM...

5.3CVSS5.7AI score
Exploits0Affected Software1
Rows per page
Query Builder