CVE-2020-14937

Memory access out of buffer boundaries issues was discovered in Contiki-NG 4.4 through 4.5, in the SNMP BER encoder/decoder. The length of provided input/output buffers is insufficiently verified during the encoding and decoding of data. This may lead to out-of-bounds buffer read or write access ...

CVE-2025-37939

In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext corerelo header Update btfextparseinfo to ensure the corerelo header is present before reading its fields. This avoids a potential buffer read overflow reported by the OSS Fuzz project...

CVE-2025-37939 libbpf: Fix accessing BTF.ext core_relo header

In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext corerelo header Update btfextparseinfo to ensure the corerelo header is present before reading its fields. This avoids a potential buffer read overflow reported by the OSS Fuzz project...

CVE-2025-37939

CVE-2025-37939 affects the Linux kernel in the libbpf component, specifically the BTF.ext core_relo header handling. The issue arises when btf_ext_parse_info() reads fields of the core_relo header without confirming its presence, potentially triggering a buffer read overflow as reported by OSS-Fu...

The vulnerability of the invert_photometric() function in the src/tiff.imageio/tiffinput.cpp module of the OpenImageIO library allows a hacker to gain access to protected information or cause service failures.

The vulnerability of the invertphotometric function in the src/tiff.imageio/tiffinput.cpp file of the OpenImageIO library is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain access to protected information or cause servi...

SUSE CVE-2025-22036

In the Linux kernel, the following vulnerability has been resolved: exfat: fix random stack corruption after getblock When getblock is called with a bufferhead allocated on the stack, such as dompagereadpage, stack corruption due to bufferhead UAF may occur in the following race condition...

Apple macOS MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

Vulnerability of the mt7921_mcu_tx_rate_report() function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – This driver is part of the Linux kernel’s wireless adapter support framework. It allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the mt7921mcutxratereport function in the drivers/net/wireless/mediatek/mt76/mt7921/mcu.c module – The driver for supporting wireless connection adapters in the Linux operating system is vulnerable due to buffer out-of-bounds reading. Exploiting this vulnerability could allow an...

PT-2025-47316

Name of the Vulnerable Software and Affected Versions rsync affected versions not specified Description A specially crafted client, acting as the receiver during an rsync file transfer, can cause a read error due to accessing memory outside the intended boundaries. This occurs because of a negati...

Linux Distros Unpatched Vulnerability : CVE-2018-1056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use th...

CVE-2024-53031

Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine...

CVE-2020-15196

In Tensorflow version 2.3.0, the SparseCountSparseOutput and RaggedCountSparseOutput implementations don't validate that the weights tensor has the same shape as the data. The check exists for DenseCountSparseOutput, where both tensors are fully specified. In the sparse and ragged count weights a...

CVE-2024-0131

NVIDIA GPU kernel driver for Windows and Linux contains a vulnerability where a potential user-mode attacker could read a buffer with an incorrect length. A successful exploit of this vulnerability might lead to denial of service...

CVE-2024-9759

Tungsten Automation Power PDF is affected by CVE-2024-9759 due to a GIF file parsing flaw that allows an out-of-bounds read. The issue arises from insufficient validation of GIF data, leading to a read past the end of an allocated buffer and information disclosure. Impact is described as potentia...

CVE-2024-9718 Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target...

PT-2024-8172 · Rockwell Automation · Rockwell Automation Thinmanager

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ThinManage affected versions not specified Description: A Denial-of-Service issue exists in the affected product, potentially allowing a threat actor with network access to send crafted messages, resulting in...

Faronics Deep Freeze 缓冲区错误漏洞

Faronics Deep Freeze is a system recovery software developed by Faronics, Inc. A buffer error vulnerability exists in Faronics Deep Freeze version 9.00.020.5760, which stems from susceptibility to an out-of-bounds read vulnerability that can trigger the 0x70014 IOCTL code in the FarDisk.sys drive...

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

RHEL 7 : libplist (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libplist: Out-of-bounds heap buffer read in plistutil CVE-2017-5545 - The parsedictnode function in...

RHEL 6 : libplist (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libplist: Out-of-bounds heap buffer read in plistutil CVE-2017-5545 - The parsedictnode function in...