5805 matches found
Buffer Over-read
Overview: Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation: Upgrade Microsoft.NETCore.App.Runtime.linux-arm to version 8.0.12, 9.0.1 or higher. References: GitHub Issue, GitHub Issue, Security Advisory...
Buffer Over-read
Overview: Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation: Upgrade Microsoft.NETCore.App.Runtime.osx-arm64 to version 8.0.12, 9.0.1 or higher. References: GitHub Issue, GitHub Issue, Security Advisory...
Buffer Over-read
Overview: Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation: Upgrade Microsoft.NETCore.App.Runtime.win-x64 to version 8.0.12, 9.0.1 or higher. References: GitHub Issue, GitHub Issue, Security Advisory...
Buffer Over-read
Overview: Affected versions of this package are vulnerable to Buffer Over-read through the loading of a specially crafted file. Remediation: Upgrade Microsoft.NETCore.App.Runtime.linux-x64 to version 8.0.12, 9.0.1 or higher. References: GitHub Issue, GitHub Issue, Security Advisory...
BIT-PHP-MIN-2024-11233 Single byte overread with convert.quoted-printable-decode filter
In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in the convert.quoted-printable-decode filter, certain data can lead to a buffer overread by one byte, which can in certain circumstances lead to crashes or disclose content of other memory areas...
Huawei EulerOS: Security Advisory for linux-sgx (EulerOS-SA-2024-2994)
The remote host is missing an update for the Huawei EulerOS...
AZL-55475 CVE-2024-57822 affecting package raptor2 2.0.15-28
In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal...
CLSA-2025-1736503631 squid: Fix of 4 CVEs
CVE-2023-49285: Fix Buffer Overread bug to prevent Denial of Service attack - CVE-2023-49286: Fix Incorrect Check of Function Return Value bug in Helper process management - CVE-2023-50269: Fix Uncontrolled Recursion bug in HTTP Request parsing by limiting X-Forwarded-For header size to prevent...
Raptor RDF Syntax Library Security Vulnerability
Raptor RDF Syntax Library is the Redland Raptor RDF syntax library by Dave Beckett, an individual developer. Raptor RDF Syntax Library version 2.0.16 and earlier contain a security vulnerability that stems from a heap buffer over-read when parsing triples using the nquads parser...
A DWFX file vulnerability in Autodesk Navisworks Freedom, the software for viewing 3D models and project documents; Autodesk Navisworks Simulate, the software for modeling and analyzing 3D models; and Autodesk Navisworks Manage, the software for analyzing, coordinating, and verifying 3D models and project data. It allows an attacker to cause service interruptions or execute arbitrary code.
A DWFX file vulnerability in Autodesk Navisworks Freedom, the software for viewing 3D models and project documents; Autodesk Navisworks Simulate, the software for modeling, analyzing, and simulating 3D models; and the software for analyzing, coordinating, and verifying 3D...
A vulnerability in Adobe Substance 3D Modeler involves reading data beyond the bounds of a memory buffer and allows an attacker to execute arbitrary code.
A vulnerability in Adobe Substance 3D Modeler involves reading beyond the bounds of a memory buffer. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially crafted file...
A vulnerability in the geni_se_clk_tbl_get() function of the QCOM GENI Serial Engine Driver (drivers/soc/qcom/qcom-geni-se.c) in the Linux operating system allows an attacker to cause a service failure.
A vulnerability in the geni_se_clk_tbl_get() function of the QCOM GENI Serial Engine Driver (drivers/soc/qcom/qcom-geni-se.c) in the Linux operating system involves operations performed outside the bounds of a memory buffer. Exploiting this vulnerability could allow an attacker to cause a service...
A vulnerability in Adobe Substance 3D Modeler involves reading data beyond the bounds of a memory buffer and allows an attacker to execute arbitrary code.
A vulnerability in Adobe Substance 3D Modeler involves reading beyond the bounds of a memory buffer. Exploiting this vulnerability could allow an attacker to execute arbitrary code using a specially crafted file...
CVE-2024-12751
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...
A vulnerability in Substance 3D Painter, software for creating textures and materials for 3D models, involves reading beyond the buffer boundary. It allows attackers to execute arbitrary code.
A vulnerability in Substance 3D Painter, software for creating textures and materials for 3D models, involves reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Medium: libxml2
Issue Overview: An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. CVE-2024-34459 Affected Packages: libxml2 Note: This advisory is...
CLSA-2024-1734368527 php: Fix of CVE-2024-11233
CVE-2024-11233: Fix buffer overread by one byte issue in convert.quoted-printable-decode filter - Fix Bug 74267: segfault with streams and invalid data...
SUSE CVE-2024-47775
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multipl...
AZL-62372 CVE-2024-47776 affecting package gstreamer1 1.20.0-2
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch...
DEBIAN-CVE-2024-47777
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer is...