nginx: NGINX: Arbitrary Code Execution Vulnerability

A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...

nginx: NGINX: Arbitrary Code Execution Vulnerability

A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...

CVE-2025-60887

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

CVE-2020-37119

Nsauditor 3.0.28 and 3.2.1.0 contains a buffer overflow vulnerability in the DNS Lookup tool that allows attackers to execute arbitrary code by overwriting memory. Attackers can craft a malicious DNS query payload to trigger a three-byte overwrite, bypass ASLR, and execute shellcode through a...

EUVD-2026-4992

An out-of-bounds read vulnerability in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows an attacker on the adjacent network to cause information disclosure or denial-of-service via a special crafted packet. The leaked...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001273)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001273 advisory. The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs such as /bin/su because installexeccreds is called too late in loadelfbinary in...

CVE-2025-67246

A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresse...

EUVD-2026-2755

A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresse...

The vulnerability of the Adobe Framemaker desktop publishing system arises from the possibility of an operation going beyond the buffer boundaries in memory. This allows a hacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to bypass the ASLR protection mechanism and gain unauthorized access to protected information...

CVE-2025-24449

Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

PT-2024-4223 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Adobe Media Encoder versions 23.6.5, 24.3 and earlier Description: The issue is related to an out-of-bounds read vulnerability in the Adobe Media Encoder application, which could allow an attacker to disclose sensitive memory information. Thi...

CVE-2023-47078

Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

The vulnerability of the Adobe Photoshop graphic editor, related to reading beyond the buffer in memory, allows a hacker to bypass the ASLR protection mechanism.

The vulnerability of the Adobe Photoshop graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to bypass the ASLR protection mechanism...

The vulnerability of the Adobe Bridge file manager relates to the use of memory after it is freed, allowing an attacker to bypass the ASLR protection mechanism.

The vulnerability of the Adobe Bridge file manager is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to bypass the ASLR protection mechanism...

SUSE CVE-2015-8453

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass the ASLR protection mechanism via J...

CVE-2022-23191

Adobe Illustrator versions 25.4.3 and earlier and 26.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2021-44186

Adobe Bridge version 11.1.2 and earlier and version 12.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

The vulnerability in the `drivers/net/ethernet/xilinx/xilinx_emaclite.c` component of the Linux operating system allows a hacker to bypass the ASLR protection mechanism.

The vulnerability in the drivers/net/ethernet/xilinx/xilinxemaclite.c component of the Linux kernel is related to the use of uninitialized memory. Exploiting this vulnerability could allow an attacker to bypass the ASLR protection mechanism...

GHSA-P5W9-856P-8Q4G Assumed memory layout of std::net::SocketAddr

The socket2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

DEBIAN-CVE-2020-35921

An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation...