5805 matches found
openssl: SSL_select_next_proto buffer overread
A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called...
The vulnerability of the z_erofs_gbuf_growsize() function in the Linux kernel file system allows a hacker to trigger a service failure.
The vulnerability of the z_erofs_gbuf_growsize function in the Linux kernel file system is related to reading beyond the buffer’s boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the bpf_link_show_fdinfo() function in the kernel/bpf/syscall.c module of the Linux operating system allows an attacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the bpf_link_show_fdinfo function in the kernel/bpf/syscall.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected...
The vulnerability of the drivers for Microprogrammed Software Printers and Canon’s Generic Plus series of multifunctional devices lies in the fact that they read data beyond the buffer in memory when processing EMF records, allowing for the execution of arbitrary code.
The vulnerability of the drivers for Canon’s Generic Plus series of microprogrammed printer and multifunctional devices lies in the reading of data beyond the buffer in memory when processing EMF records. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending ...
nginx: specially crafted MP4 file may cause denial of service
A flaw was found in the ngx_http_mp4_module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service...
The vulnerability of Adobe Illustrator, related to reading data beyond the buffer in memory, allows a hacker to execute arbitrary code.
The vulnerability of Adobe Illustrator’s graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...
Security Bulletin: A buffer overread, security restrictions bypass, a use-after-free, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable to a buffer overread, security restrictions bypass, a use-after-free, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2020-15945 DESCRIPTION: Lua 5.4.0 fixed in 5.4.1 has a segmentation fault in...
The vulnerabilities of PDF viewing and editing programs from Adobe Acrobat Document Cloud, Acrobat Reader Document Cloud, Acrobat 2020, Acrobat 2024, and Acrobat Reader 2020 involve reading data beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Acrobat Reader Document Cloud, Acrobat 2020, Acrobat 2024, and Acrobat Reader 2020 involve reading data beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to gain...
The vulnerabilities of the functions dbAdjTree() and dbFindLeaf() in the kernel module fs/jfs/jfs_dmap.c of the Linux operating system allow a hacker to cause a service failure.
The vulnerability of the functions dbAdjTree and dbFindLeaf in the kernel module fs/jfs/jfs_dmap.c of the Linux operating system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the can_resize() function in the drivers/md/dm-cache-target.c module of the Linux kernel allows an attacker to compromise the confidentiality and accessibility of protected information.
The vulnerability of the can_resize function in the drivers/md/dm-cache-target.c file of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protected information...
The vulnerability of Siemens Teamcenter Visualization’s lifecycle management system and Siemens Tecnomatix Plant Simulation’s software environment for modeling systems and processes lies in the reading of data beyond the buffer in memory. This allows attackers to execute arbitrary code.
The vulnerability of Siemens Teamcenter Visualization’s lifecycle management system and Siemens Tecnomatix Plant Simulation’s simulation software environment is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary...
The vulnerability of the do_active_device() function in the drivers/parport/procfs.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the do_active_device function in the drivers/parport/procfs.c module of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
The vulnerability of the nested_svm_get_tdp_pdptr() function in the arch/x86/kvm/svm/nested.c module of the Linux operating system allows an attacker to compromise the confidentiality and accessibility of protected information.
The vulnerability of the nested_svm_get_tdp_pdptr function in the arch/x86/kvm/svm/nested.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality and accessibility of the protect...
The vulnerability of the _isst_if_getpci_dev() function (drivers/platform/x86/intel/speed_select_if/isst_if_common.c) in the Linux operating system’s kernel allows an attacker to cause a service failure.
The vulnerability of the _isst_if_getpci_dev function (drivers/platform/x86/intel/speed_select_if/isst_if_common.c) in the Linux kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of Adobe InDesign’s automation tool for computer design, related to reading data beyond the buffer in memory, allows attackers to execute arbitrary code.
The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the dbMount() function in the fs/jfs/jfs_dmap.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the dbMount function in the fs/jfs/jfs_dmap.c module of the Linux operating system is related to reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the EVP_DecryptUpdate function in the OpenSSL library of the Sante PACS Server web server allows a hacker to execute arbitrary code.
The vulnerability of the EVP_DecryptUpdate function in the OpenSSL library of the Sante PACS Server web server system is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code by sending specially crafte...
RockyLinux 9 : xorg-x11-server (RLSA-2024:9122)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:9122 advisory. xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in...