The vulnerability of the `bnxt_need_reserve_rings()` function in the `drivers/net/ethernet/broadcom/bnxt/bnxt.c` module of the Linux kernel allows a hacker to trigger a service failure.

The vulnerability of the bnxtneedreserverings function in the drivers/net/ethernet/broadcom/bnxt/bnxt.c module of the Linux kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the gpiochip_getdesc() function in the drivers/gpio/gpiolib.c module of the Linux operating system’s GPIO driver allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the gpiochipgetdesc function in the drivers/gpio/gpiolib.c module of the Linux kernel’s GPIO driver is related to reading beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the cpu_power_to_freq() function in the drivers/thermal/cpufreq_cooling.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the cpupowertofreq function in the drivers/thermal/cpufreqcooling.c module of the Linux kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment, related to reading beyond the buffer in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to buffer overflow attacks involves reading data beyond the buffer in memory. Exploiting this vulnerability could allow an attacker to execute...

xorg-x11-server security update

An update is available for xorg-x11-server. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list X.Org is an open-source implementation of the X Window System. It...

xorg-x11-server-Xwayland security update

An update is available for xorg-x11-server-Xwayland. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Xwayland is an X server for running X clients under Wayland...

RLSA-2024:9093 Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice CVE-2024-31081 xorg-x11-server: Use-after-free in...

RLSA-2024:9122 Moderate: xorg-x11-server security update

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fixes: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents CVE-2024-31080 xorg-x11-server:...

RLSA-2024:9333 Low: openssl and openssl-fips-provider security update

OpenSSL is a toolkit that implements the Secure Sockets Layer SSL and Transport Layer Security TLS protocols, as well as a full-strength general-purpose cryptography library. Security Fixes: openssl: Unbounded memory growth with session handling in TLSv1.3 CVE-2024-2511 openssl: Excessive time...

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models allows a hacker to execute arbitrary code by reading data beyond the buffer in memory.

The vulnerability of the Substance 3D Painter software for creating textures and materials for 3D models involves reading data beyond the buffer limit in memory. Exploiting this vulnerability allows a hacker to execute arbitrary code using a specially created malicious file...

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter, related to reading beyond the buffer boundary in memory, allows a hacker to execute arbitrary code.

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by opening a specially created malicious file...

The vulnerability of Adobe Illustrator’s graphic editor lies in the ability to read data beyond the buffer in memory, allowing attackers to bypass ASLR protection and gain unauthorized access to protected information.

The vulnerability of Adobe Illustrator’s graphic editor is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to bypass ASLR protection and gain unauthorized access to protected information...

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter, related to reading beyond the buffer boundary in memory, allows a hacker to execute arbitrary code.

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created malicious file...

Exploit for CVE-2024-5535

CVE-2024-5535 PoC - OpenSSL NPN Bu...

OESA-2025-1288 compat-openssl11 security update

OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security TLS and Secure Sockets Layer SSL protocols. Security Fixes: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation...

The vulnerability of Adobe InDesign’s automation tool for computer design, related to reading data beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created malicious file...

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, is related to reading data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, Thunderbird ESR, is related to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the USB-Audio component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the USB-Audio component in the Linux operating system’s kernel is related to errors in reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2025-24992

Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally...

The vulnerability of the Intel QuickAssist Technology (QAT) driver package, which involves reading beyond the buffer in memory, allows attackers to exploit their privileges.

The vulnerability of the Intel QuickAssist Technology QAT driver package relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...