Lucene search
+L

374 matches found

BDU FSTEC
BDU FSTEC
added 2025/03/14 12:0 a.m.7 views

The vulnerability of the FreeType font rendering library, related to reading beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the FreeType font rendering library relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code by sending a specially crafted file containing variable fonts...

8.1CVSS8AI score0.26049EPSS
Exploits1References18Affected Software11
CVE
CVE
added 2025/03/06 5:4 a.m.64 views

CVE-2025-20919

CVE-2025-20919 relates to Samsung Notes, affected versions prior to 4.4.26.71. The vulnerability is an out-of-bounds read when applying binary of video content, allowing reading of memory outside bounds. The issue is documented across multiple sources (e.g., Red Hat/RedHat-adapted CVE, PT-2025-98...

7.5CVSS7AI score0.00261EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/03/06 12:0 a.m.7 views

SAMSUNG Notes 安全漏洞

Samsung Notes is an application program from the South Korean company Samsung SAMSUNG. It is used to provide a recording function. Samsung Notes suffers from an out-of-bounds read vulnerability, which originates from an out-of-bounds read in a text content binary application, and can be exploited...

7.5CVSS6.7AI score0.00261EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/03/06 12:0 a.m.5 views

PT-2025-9889 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.26.71 Description: The issue is related to an out-of-bounds read in applying extra data of base content. This allows attackers to read out-of-bounds memory. Recommendations: For versions prior to 4.4.26.71,...

7.5CVSS6.2AI score0.00261EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2024-0340

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in vhostnewmsg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between...

5.5CVSS5.9AI score0.00236EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2015-2059

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The stringpreputf8toucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other...

7.5CVSS7.5AI score0.03185EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2025/02/21 12:12 p.m.17 views

K000149918: PostgresQL vulnerability CVE-2021-3677

Security Advisory Description A flaw was found in postgresql. A purpose-crafted query can read arbitrary bytes of server memory. In the default configuration, any authenticated database user can complete this attack at will. The attack does not require the ability to create objects. If server...

6.5CVSS6.8AI score0.0142EPSS
Exploits0
OSV
OSV
added 2025/02/19 6:15 p.m.11 views

AZL-56904 CVE-2025-1118 affecting package grub2 for versions less than 2.06-15

A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory...

4.4CVSS6AI score0.00298EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/19 5:54 p.m.6 views

CVE-2025-1118 Grub2: commands/dump: the dump command is not in lockdown when secure boot is enabled

A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory...

4.4CVSS4.4AI score0.00298EPSS
Exploits0References5
OSV
OSV
added 2025/02/19 7:1 a.m.11 views

CVE-2025-0633 Heap Overflow in iniparser.c

Heap-based Buffer Overflow vulnerability in iniparserdumpsectionini in iniparser allows attacker to read out of bound memory...

5.1CVSS5.9AI score0.00224EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2025/02/13 12:0 a.m.11 views

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise programs lies in the ability to read data outside of the allowed range in memory, allowing an attacker to disclose protected information.

The vulnerability of Microsoft Office, Excel, and 365 Apps for Enterprise packages relates to reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

7.8CVSS7.7AI score0.00988EPSS
Exploits0References2
NVD
NVD
added 2025/02/04 8:15 a.m.44 views

CVE-2025-20891

Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability...

5.5CVSS0.00139EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/27 9:46 p.m.20 views

CVE-2024-54507

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2. An attacker with user privileges may be able to read kernel memory...

0.00863EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.7 views

The vulnerability of the Ivanti EPM endpoint management software, related to reading data beyond the buffer in memory, allows a hacker to trigger a service failure.

The vulnerability of the Ivanti EPM endpoint management software is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS7.5AI score0.0259EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/01/17 12:0 a.m.11 views

The vulnerability of the Ivanti EPM endpoint management software, related to reading data beyond the buffer in memory, allows a hacker to trigger a service failure.

The vulnerability of the Ivanti EPM endpoint management software relates to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

7.8CVSS7.4AI score0.0259EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.3 views

PT-2025-1251 · Microsoft · Windows Digital Media +1

Name of the Vulnerable Software and Affected Versions: Windows Digital Media affected versions not specified Description: The issue is related to a component of Windows Digital Media and involves a memory reading vulnerability that can allow an attacker to elevate their privileges. This can...

6.8CVSS9.2AI score0.00818EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.3 views

PT-2025-1172 · Microsoft · Windows Digital Media +1

Name of the Vulnerable Software and Affected Versions: Windows Digital Media affected versions not specified Description: The issue is related to a component of the Windows operating system, specifically Digital Media, and involves a memory reading error beyond the allowed range. This can...

6.8CVSS9.2AI score0.00744EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.5 views

PT-2025-1161 · Microsoft · Windows Digital Media +1

Name of the Vulnerable Software and Affected Versions: Windows Digital Media affected versions not specified Description: The issue is related to an elevation of privilege in Windows Digital Media, which can be exploited to gain system-level privileges. It involves a memory reading vulnerability...

6.8CVSS9.5AI score0.00818EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2024/12/17 9:50 a.m.45 views

CVE-2023-31355

A flaw was found in the AMD firmware. This vulnerability allows a malicious hypervisor to overwrite a guest's UMC seed, potentially enabling the reading of memory from a decommissioned guest via improper restriction of write operations. Mitigation Mitigation for this issue is either not available...

6CVSS6.5AI score0.00443EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2024/11/26 12:0 a.m.13 views

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation lies in the ability to read data beyond the acceptable range in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the software environment of Siemens Tecnomatix Plant Simulation relates to reading data beyond the permissible range in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using specially created WRL files...

7.8CVSS7.6AI score0.00272EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder