5800 matches found

NVD
added 2025/07/10 8:15 a.m., 4 views

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, EPSS 0.01179
Exploits 0, References 13
OSV
added 2025/07/10 8:15 a.m., 5 views

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, AI score 5.5, EPSS 0.01179
Exploits 0, References 10
OSV
added 2025/07/10 8:15 a.m., 2 views

AZL-65103 CVE-2025-32989 affecting package gnutls for versions less than 3.8.3-6

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, AI score 6.8, EPSS 0.01179
Exploits 0, References 1
OSV
added 2025/07/10 8:15 a.m., 2 views

DEBIAN-CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, AI score 6.8, EPSS 0.01179
Exploits 0, References 1
OSV
added 2025/07/10 8:15 a.m., 2 views

ALPINE-CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, AI score 6.3, EPSS 0.01179
Exploits 0, References 1
OSV
added 2025/07/10 8:15 a.m., 5 views

AZL-65088 CVE-2025-32989 affecting package gnutls for versions less than 3.7.11-4

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, AI score 6.8, EPSS 0.01179
Exploits 0, References 1
Vulnrichment
added 2025/07/10 8:5 a.m., 3 views

CVE-2025-32989 Gnutls: vulnerability in gnutls sct extension parsing

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, AI score 6.5, EPSS 0.01179
Exploits 0, References 11
CVE
added 2025/07/10 8:5 a.m., 75 views

CVE-2025-32989

CVE-2025-32989 : A heap-buffer-overread in GnuTLS occurs during X.509 certificate parsing of the CT SCT extension (OID 1.3.6.1.4.1.11129.2.4.2). A malformed SCT can lead to exposure of confidential data when certificates are validated for certain sites and SCT checks are not performed correctly. ...

CVSS 5.3, AI score 6.4, EPSS 0.01179
Exploits 0, References 13, Affected Software 1
Cvelist
added 2025/07/10 8:5 a.m., 12 views

CVE-2025-32989 Gnutls: vulnerability in gnutls sct extension parsing

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, EPSS 0.01179
Exploits 0, References 11
RedhatCVE
added 2025/07/10 8:4 a.m., 4 views

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, AI score 6.6, EPSS 0.01179
Exploits 0, References 3
Positive Technologies
added 2025/07/10 12:0 a.m., 3 views

PT-2025-29041

Name of the Vulnerable Software and Affected Versions: GnuTLS affected versions not specified Description: A heap-buffer-overread issue exists in GnuTLS during the handling of the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This allows ...

CVSS 8.2, AI score 6.8, EPSS 0.01185
Exploits 0, References 70
BDU FSTEC
added 2025/07/09 12:0 a.m., 2 views

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage, allows a malicious individual to execute arbitrary code.

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and simulating 3D models in Autodesk Navisworks Simulate, and the software for analyzing, coordinating, and verifying 3D...

CVSS 7.8, AI score 7.7, EPSS 0.0018
Exploits 0, References 2, Affected Software 3
BDU FSTEC
added 2025/07/09 12:0 a.m., 3 views

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom; the software for modeling and analyzing 3D models in Autodesk Navisworks Simulate; and the software for analyzing, coordinating, and verifying 3D models and project data in Autodesk Navisworks Manage, allows a malicious actor to execute arbitrary code.

The vulnerability of the DWFX software file used for viewing 3D models and project documents in Autodesk Navisworks Freedom, as well as the software for modeling, analyzing, and simulating 3D models in Autodesk Navisworks Simulate, and the software for analyzing, coordinating, and verifying 3D...

CVSS 7.8, AI score 7.7, EPSS 0.0018
Exploits 0, References 2, Affected Software 3
BDU FSTEC
added 2025/07/09 12:0 a.m., 1 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Acrobat 2024, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 involve reading beyond the buffer in memory. This allows attackers to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Reader Document Cloud, Adobe Acrobat 2024, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow...

CVSS 5.5, AI score 5.6, EPSS 0.00339
Exploits 0, References 2
OSV
added 2025/07/08 5:15 p.m., 2 views

CVE-2025-49684

Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally...

CVSS 5.5, AI score 5.7, EPSS 0.00426
Exploits 0, References 1
OSV
added 2025/07/08 5:15 p.m., 1 views

CVE-2025-49659

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally...

CVSS 7.8, AI score 5.8, EPSS 0.00366
Exploits 0, References 1
OSV
added 2025/07/08 5:15 p.m., 0 views

CVE-2025-47973

Buffer over-read in Virtual Hard Disk VHDX allows an unauthorized attacker to elevate privileges locally...

CVSS 7.8, AI score 5.7, EPSS 0.0046
Exploits 0, References 1
RedHat Linux
added 2025/07/08 12:35 p.m., 6 views

jq: AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt)

A flaw was found in jq, a command line JSON processor. A specially crafted input can cause a heap-based buffer over-read when formatting an empty string because it was not properly null-terminated, causing a crash and resulting in a denial of service...

CVSS 8.7, AI score 7.3, EPSS 0.00446
Exploits 1, References 5
BDU FSTEC
added 2025/07/08 12:0 a.m., 1 views

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries in memory during file processing for U3D files. Exploiting this vulnerability can allow attackers to disclose protecte...

CVSS 3.3, AI score 5.9, EPSS 0.00211
Exploits 0, References 3, Affected Software 3
BDU FSTEC
added 2025/07/08 12:0 a.m., 3 views

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the ability to read data beyond the buffer in memory, allowing attackers to disclose protected information.

The vulnerability of PDF document viewing and editing programs such as PDF-XChange Editor, PDF-Tools, and PDF-XChange PRO lies in the reading of data beyond the buffer boundaries during file processing for PRC formats. Exploiting this vulnerability can allow attackers to disclose protected...

CVSS 3.3, AI score 5.9, EPSS 0.00211
Exploits 0, References 3, Affected Software 3