CVE-2024-6874

...

The vulnerability of the exif_entry_get_value() function in the exif-entry.c component of the Libexif library for EXIF-file parsing allows a hacker to access confidential data and cause service interruptions. This vulnerability is related to reading beyond the allowed buffer size.

The vulnerability of the exifentrygetvalue function in the exif-entry.c component of the Libexif library for EXIF-file parsing involves reading data beyond the allowable buffer limits. Exploiting this vulnerability could allow an attacker to gain access to confidential data, as well as cause...

The vulnerability of the icvCvt_BGRA2BGR_8u_C4C3R function in the Open Source Computer Vision Library (OpenCV) allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the icvCvtBGRA2BGR8uC4C3R function in the Open Source Computer Vision Library OpenCV involves reading data beyond the allowable buffer size. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3 (SUSE-SU-2024:3470-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3470-1 advisory. - CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module...

SUSE-SU-2024:3470-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module bsc1228780. - CVE-2024-5642: Fixed buffer overread when NPN is used and invalid values are sent to the OpenSSL API bsc1227233. - CVE-2024-7592: Fixed Email...

UBUNTU-CVE-2024-9029

A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the readiptcprofile function in the Source/Metadata/IPTC.cpp file because the size of the profile is not being sanitized, causing a crash in the application linked to the library,...

PT-2024-39531 · Adobe · Flash

Name of the Vulnerable Software and Affected Versions: Adobe Flash affected versions not specified Description: A buffer overread issue has been identified. No further details are available due to the rejection of the candidate number. Recommendations: At the moment, there is no information about...

PT-2025-4094 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this, where the targ...

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created JB2 file...

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created U3D file...

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created U3D file...

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created U3D file...

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software, related to the occurrence of operations outside the buffer in memory, allows attackers to disclose protected information.

The vulnerability of PDF-XChange Editor’s PDF document viewing and editing software lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created U3D file...

CVE-2024-41445

Library MDF mdflib v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function...

CVE-2024-41445

Library MDF mdflib v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function...

CVE-2024-41445

Library MDF mdflib v2.1 is vulnerable to a heap-based buffer overread via a crafted mdf4 file is parsed using the ReadData function...

CVE-2024-41445

CVE-2024-41445 affects Library MDF (mdflib) v2.1. The issue is a heap-based buffer overread that occurs when parsing a crafted MDF4 file using the ReadData function. Multiple connected sources (PT-2024-29405, Red Hat advisory, NVD/NVD-derived reports, CNNVD) corroborate the vulnerability in mdfli...

The vulnerability of the Native Scoring component of the Microsoft SQL Server database management system allows a hacker to execute arbitrary code.

The vulnerability of the Native Scoring component of the Microsoft SQL Server database management system relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code remotely...

SUSE: Security Advisory (SUSE-SU-2024:3353-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the web page rendering module in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Web page rendering module in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service failures...