The vulnerability of the formSetSafeWanWebMan() function (/goform/SetRemoteWebCfg) in the Tenda AC15 router software allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the formSetSafeWanWebMan function /goform/SetRemoteWebCfg in the Tenda AC15 router software exists because the operation is performed outside the buffer in memory when processing the remoteIp parameter. Exploiting this vulnerability could allow a malicious actor to compromise...

DEBIAN-CVE-2025-5915

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber LZSS window. This means the library may attempt to read beyond the allocated memory buffer, which can...

AZL-63786 CVE-2025-5915 affecting package libarchive for versions less than 3.7.7-3

A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber LZSS window. This means the library may attempt to read beyond the allocated memory buffer, which can...

The vulnerability of the led_tg_check() function in the net/netfilter/xt_LED.c module of the Linux operating system allows a hacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the ledtgcheck function in the net/netfilter/xtLED.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected information...

The vulnerability of the formNatlimit() function in the microprogramming router software Tenda CH22 allows a hacker to execute arbitrary code.

The vulnerability of the formNatlimit function in the Tenda CH22 router’s microprogramming software lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending a specially crafted POST request...

The vulnerability of the acpi_nfit_ctl() function in the drivers/acpi/nfit/core.c file of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the acpinfitctl function in the drivers/acpi/nfit/core.c file of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the Siemens User Management Component (UMC) in products such as SIMATIC PCS neo, SINEC NMS, and Totally Integrated Automation Portal (TIA Portal) allows a attacker to trigger a service failure.

The vulnerability of the Siemens User Management Component UMC, which is found in products such as SIMATIC PCS neo, SINEC NMS, and Totally Integrated Automation Portal TIA Portal, relates to reading data outside the buffer boundaries in memory. Exploiting this vulnerability could allow a maliciou...

The vulnerability of the ThinServer.exe executable file of the ThinServer component of Rockwell Automation’s ThinManager application management platform allows a attacker to cause a service failure.

The vulnerability of the ThinServer.exe executable file of the ThinServer component of Rockwell Automation’s ThinManager application for centralized application management involves reading data beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause...

The vulnerability of embedded software developed by Qualcomm, related to the execution of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of microprogramming software in embedded Qualcomm chips is related to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to disclose protected information during RTCP protocol processing...

libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content

A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skipinsightwhitespace function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server...

SUSE: Security Advisory (SUSE-SU-2024:2933-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the f2fs component of the Linux operating system’s kernel, which allows a hacker to cause a service failure

The vulnerability of the f2fs component of the Linux operating system’s kernel relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

Medium: postgresql16

Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...

Medium: postgresql15

Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...

OESA-2025-1568 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

OESA-2025-1566 libpq security update

PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads. This package provides the essential shared library for any PostgreSQL client program or...

libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()

A flaw was found in libsoup. A vulnerability in snifffeedorhtml and skipinsignificantspace functions may lead to a heap buffer over-read...

Medium: postgresql

Issue Overview: Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5...

The vulnerability of the websReadEvent() function in the script /rame/ptdc.cgi of the D-Link DCS-5020L microprogrammed camera software allows a intruder to execute arbitrary code.

The vulnerability of the websReadEvent function in the /rame/ptdc.cgi script of the D-Link DCS-5020L microprogrammed IP camera is related to the reading of data beyond the buffer boundaries in memory during the processing of the Authorization: Digest Basic request. Exploiting this vulnerability...

The vulnerability of the dcpd service in the microprogramming software of Siemens Scalance LPE9403 allows a hacker to trigger a maintenance failure.

The vulnerability of the dcpd service in Siemens Scalance LPE9403 microprogramming software lies in the reading outside the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause a service failure by sending specially crafted malware packages...