The vulnerability of the squashfs_fill_super() function in the Squashfs component of Linux operating systems allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the squashfsfillsuper function in the Squashfs component of Linux operating systems is related to reading beyond the buffer boundaries of memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

kernel: wifi: iwlwifi: limit printed string from FW file

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

The vulnerability of the sftphandle() function in the LibSSH library allows a hacker to gain unauthorized access to protected information.

The vulnerability of the sftphandle function in the LibSSH library relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the Tenda AC20 router’s microprogramming software, related to reading data outside the buffer in memory, allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of Tenda AC20 microprogramming software lies in the reading of data outside the buffer in memory when processing the parameter “list” in the file /goform/SetStaticRouteCfg. Exploitation of this vulnerability allows a remote attacker to execute arbitrary code or cause service...

Azure Linux 3.0 Security Update: gnutls (CVE-2025-32989)

The version of gnutls installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32989 advisory. - A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT...

CBL Mariner 2.0 Security Update: gnutls (CVE-2025-32989)

The version of gnutls installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32989 advisory. - A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT...

The vulnerability of MediaTek’s Bluetooth driver microprogramming software allows a hacker to trigger a service failure.

The vulnerability of the Bluetooth driver for Microprogramming Software MediaTek lies in reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2025-7745 Modbus TCP buffer overread

Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2...

ABB AC500 V2 安全漏洞

ABB AC500 V2 is a PLC from ABB Switzerland. suitable for simple control tasks and complex automation solutions. A security vulnerability exists in ABB AC500 V2 version 2.5.2 and earlier, which stems from vulnerability to buffer over-reading attacks...

The vulnerability of the formSafeEmailFilter() function in the microprogramming software for Tenda FH451 allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the formSafeEmailFilter function in the Tenda FH451 router software lies in the issue of the operation being executed outside the buffer in memory when processing the page parameter. Exploiting this vulnerability can allow a malicious actor to cause service failures or execut...

The vulnerability of the xmlSchematronFormatReport() function in the libxml2 library allows a attacker to trigger a service failure.

The vulnerability of the xmlSchematronFormatReport function in the libxml2 library relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures through a specially created XML file...

The vulnerability of the fromWizardHandle()/goform/WizardHandle function in the Tenda FH451 router software allows a hacker to induce a service failure.

The vulnerability of the fromWizardHandle/goform/WizardHandle function in the Tenda FH451 router’s microprogramming system is related to reading data beyond the buffer boundaries in memory when processing the PPW parameter. Exploiting this vulnerability can allow a malicious actor to cause servic...

The vulnerability of the libsavsvc.so library in Android operating systems allows a hacker to trigger a service failure.

The vulnerability of the libsavsvc.so library in Android operating systems relates to the reading of data beyond the buffer boundaries in memory during the decoding of headers. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to writing beyond buffer boundaries in memory, allows a hacker to gain unauthorized access to protected information.

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the software_node_get_reference_args() function in the Linux operating system allows a hacker to compromise the confidentiality of the protected information.

The vulnerability of the softwarenodegetreferenceargs function in the Linux operating system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality of the protected information...

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer, related to writing beyond buffer boundaries in memory, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the 3D model texturing program Adobe Substance 3D Designer lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

The vulnerability of the cs_dsp_mock_bin_bin_add_name_or_info() function in the drivers/firmware/cirrus/test/cs_dspMockBin.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the csdspmockbinbinaddnameorinfo function in the drivers/firmware/cirrus/test/csdspMockBin.c module of the Linux kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a system failure...

CVE-2025-7322

IrfanView CADImage Plugin DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2025-7279

IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...

CVE-2025-7265

IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...