199 matches found
CVE-2020-3703
u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central deviceThis CVE is equivalent to Link Layer Length Overfow issue CVE-2019-16336,CVE-2019-17519 and Silent Length Overflow issueCVE-2019-17518 mentioned in...
CVE-2020-19472
An issue has been found in function DCTStream::readHuffSym in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 2...
CVE-2020-3652
Possible buffer over-read issue in windows x86 wlan driver function while processing beacon or request frame due to lack of check of length of variable received. in Snapdragon Compute, Snapdragon Connectivity in MSM8998, QCA6390, SC7180, SC8180X, SDM850...
CVE-2020-3617
u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta, Nicobar, QCS605, QCS610,...
CVE-2020-27909
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution...
CVE-2020-11156
u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap packet received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
CVE-2019-2271
Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2025-1448)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-2777
Summary: CVE-2025-2777 affects SysAid On-Prem versions ≤ 23.3.40, with an unauthenticated XML External Entity (XXE) vulnerability in the lshw processing endpoint. This can enable administrator account takeover and arbitrary file read primitives, per multiple sources in the connected documents. Wh...
CVE-2025-2775
CVE-2025-2775 affects SysAid On-Prem versions
Security update for libsoup2
This update for libsoup2 fixes the following issues: CVE-2025-2784: Fixed heap buffer over-read in skipinsignificantspace when sniffing conten bsc1240750 CVE-2025-32050: Fixed integer overflow in appendparamquoted bsc1240752 CVE-2025-32052: Fixed heap buffer overflow in sniffunknown bsc1240756...
CVE-2023-53142
In the Linux kernel, the following vulnerability has been resolved: ice: copy last block omitted in icegetmoduleeeprom icegetmoduleeeprom is broken since commit e9c9692c8a81 "ice: Reimplement module reads used by ethtool" In this refactor, icegetmoduleeeprom reads the eeprom in blocks of size 8...
DEBIAN-CVE-2025-37741
In the Linux kernel, the following vulnerability has been resolved: jfs: Prevent copying of nlink with value 0 from disk inode syzbot report a deadlock in diFree. 1 When calling "ioctl$LOOPSETSTATUS64", the offset value passed in is 4, which does not match the mounted loop device, causing the...
CVE-2025-3295
The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.2.9.1. This makes it possible for authenticated attackers, with Administrator-level access and above, to read arbitrary files on the affected site's server which may reveal sensitive...
PT-2025-16716 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been resolved, related to a missing shutdown check in the exfat file system. This issue caused problems when a device with dirty data was deleted, as...
CLSA-2025-1744721593 c-ares: Fix of 4 CVEs
CVE-2024-25629: fix invalid memory read issue in aresreadline - CVE-2023-31130: fix buffer underflow in aresinetnetpton for certain ipv6 addresses - CVE-2023-31147: fix issue of using weak random numbers in DNS query ids by replacing rand with a modern OS-provided CSPRNG like arc4random -...
ROS-20250410-01
A vulnerability in the mailbox component of the Linux kernel is related to resource management errors in the bcm2835mboxprobe function in drivers/mailbox/bcm2835-mailbox.c. Exploitation of the vulnerability could allow an attacker to cause a denial of service Vulnerability in the uvcparseformat...
CVE-2025-31800 WordPress Publitio plugin <= 2.1.8 - Arbitrary File Read vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in publitio Publitio allows Path Traversal. This issue affects Publitio: from n/a through 2.1.8...
Linux Distros Unpatched Vulnerability : CVE-2024-53190
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with ueventshow on stack trace. That specific...
Linux Distros Unpatched Vulnerability : CVE-2024-57952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert libfs: fix infinite directory reads for offset dir The current directory offset allocator based on mtreealloccyclic stores the next offset value to retur...