PT-2025-32674 · Ivanti · Ivanti Connect Secure +3

Name of the Vulnerable Software and Affected Versions: Ivanti Connect Secure versions prior to 22.7R2.8 and 22.8R2 Ivanti Policy Secure versions prior to 22.7R1.5 Ivanti ZTA Gateway versions prior to 2.8R2.3-723 Ivanti Neurons for Secure Access versions prior to 22.8R1.4 Description: A buffer...

Linux Distros Unpatched Vulnerability : CVE-2022-46393

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS ...

BIT-LIBPHP-2024-11233 Single byte overread with convert.quoted-printable-decode filter

In PHP versions 8.1. before 8.1.31, 8.2. before 8.2.26, 8.3. before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data can lead to buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...

Security update for zabbix

This update for zabbix fixes the following issues: CVE-2024-42333: Fixed buffer over-read for broken UTF8 mail data injection. bsc1233834 CVE-2024-22117: Fixed a bug that can cause the map element to crash when new URLs are added. bsc1233791 Patch Instructions: To install this SUSE update use the...

SUSE-SU-2025:02746-1 Security update for zabbix

This update for zabbix fixes the following issues: - CVE-2024-42333: Fixed buffer over-read for broken UTF8 mail data injection. bsc1233834 - CVE-2024-22117: Fixed a bug that can cause the map element to crash when new URLs are added. bsc1233791...

Vulnerability of the snd_usb_get_audioformat_uac3() function (sound/usb/stream.c) in Linux operating systems, allowing a hacker to trigger a service failure

The vulnerability of the sndusbgetaudioformatuac3 function in the Linux kernel’s sound/usb/stream.c file is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

Linux Distros Unpatched Vulnerability : CVE-2017-6347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ipcmsgrecvchecksum function in net/ipv4/ipsockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local...

Linux Distros Unpatched Vulnerability : CVE-2018-9988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in sslparseserverkeyexchange that could cause a crash on invalid input...

The vulnerability of the mbedtls_lms_import_public_key() function in Mbed TLS software allows a attacker to cause a service failure or disclose protected information.

The vulnerability of the mbedtlslmsimportpublickey function in Mbed TLS involves reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure or expose sensitive information...

CVE-2025-47183

In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure...

CVE-2025-47219

In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetrak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure...

The vulnerability of the console-based graphic editor ImageMagick, related to reading beyond the buffer limit of memory, allows a hacker to gain unauthorized access to information.

The vulnerability of the console-based graphic editor ImageMagick is related to reading data beyond the buffer limit of memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to information...

kernel: wifi: iwlwifi: limit printed string from FW file

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

The vulnerability of the Wlan AP Driver software driver in MediaTek microprogramming chips allows attackers to enhance their privileges and disclose protected information.

The vulnerability of the Wlan AP Driver software driver from MediaTek relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges and disclose sensitive information...

The vulnerability of the Wlan AP Driver software driver in MediaTek microprogramming chips allows attackers to enhance their privileges and disclose protected information.

The vulnerability of the Wlan AP Driver software driver from MediaTek relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges and disclose sensitive information...

The vulnerability of the Wlan AP Driver software driver in MediaTek microprogramming chips allows attackers to enhance their privileges and disclose protected information.

The vulnerability of the Wlan AP Driver software driver from MediaTek relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges and disclose sensitive information...

The vulnerability of the Wlan AP Driver software driver in MediaTek microprogramming chips allows attackers to enhance their privileges and disclose protected information.

The vulnerability of the Wlan AP Driver software driver from MediaTek relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges and disclose sensitive information...

The vulnerability of the Wlan STA Driver microprogramming software microcircuit from MediaTek allows a hacker to disclose protected information.

The vulnerability of the Wlan STA Driver microprogramming software from MediaTek relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the software...

The vulnerability of the Wlan AP Driver software driver in MediaTek microprogramming chips allows attackers to enhance their privileges and disclose protected information.

The vulnerability of the Wlan AP Driver software driver from MediaTek relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges and disclose sensitive information...

Vulnerability of software for modeling, designing, and drawing in AutoCAD, related to reading beyond the buffer in memory, allowing a hacker to execute arbitrary code or cause system failures.

The vulnerability of the software for modeling, designing, and drawing in AutoCAD is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause a service failure using a specially created PRT file...