5805 matches found

SUSE CVE
added 2024/03/23 3:34 a.m. | 1 view

SUSE CVE-2024-27280

A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and ungetc methods on a StringIO can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. 3.0.3 is the main fix...

3.1 CVSS | 6.8 AI score | 0.02364 EPSS
Exploits 0 | References 3

BDU FSTEC
added 2024/03/22 12:0 a.m. | 2 views

The vulnerability of the Adobe Animate program for creating multimedia and computer animations involves reading data beyond the buffer in memory, which allows attackers to disclose protected information.

The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information...

5.5 CVSS | 5.6 AI score | 0.00393 EPSS
Exploits 0 | References 2 | Affected Software 1

RedhatCVE
added 2024/03/21 6:15 p.m. | 36 views

CVE-2024-27280

A buffer overread flaw was found in rubygem StringIO. The ungetbyte and ungetc methods on a StringIO object can read past the end of a string, and a subsequent call to StringIO.gets may return the memory value. Mitigation: Mitigation for this issue is either not available or the currently availabl...

3.1 CVSS | 7.9 AI score | 0.02364 EPSS
Exploits 0 | References 4

Snyk
added 2024/03/21 12:0 a.m. | 1 view

Buffer Over-read

Overview: Affected versions of this package are vulnerable to Buffer Over-read due to the improper handling of the ungetbyte and ungetc methods on a StringIO object, which can read past the end of a string. An attacker can obtain sensitive information from memory by invoking StringIO.gets after...

9.8 CVSS | 6.7 AI score | 0.02364 EPSS
Exploits 0 | References 2

Positive Technologies
added 2024/03/19 12:0 a.m. | 7 views

PT-2024-2478

Name of the Vulnerable Software and Affected Versions: Ruby StringIO versions 3.0.1 through 3.0.6; Ruby StringIO versions 3.1.x through 3.1.4. Description: A buffer-overread issue was discovered in StringIO, where the ungetbyte and ungetc methods can read past the end of a string, and a subsequent...

9.8 CVSS | 7.5 AI score | 0.0387 EPSS
Exploits 2 | References 151

Amazon
added 2024/03/18 12:0 a.m. | 29 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no know...

8.6 CVSS | 8.1 AI score | 0.88818 EPSS
Exploits 0

BDU FSTEC
added 2024/03/18 12:0 a.m. | 2 views

The vulnerability of the Adobe Bridge file manager, related to reading data beyond the buffer in memory, allows an attacker to disclose protected information.

The vulnerability of the Adobe Bridge file manager is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to disclose protected information...

5.5 CVSS | 5.6 AI score | 0.00358 EPSS
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2024/03/18 12:0 a.m. | 3 views

The vulnerability of the Zeek plugin for industrial system management protocols ICSNPP-Ethercat, which involves reading data beyond the buffer in memory, allows attackers to cause service failures or gain unauthorized access to protected information.

The vulnerability of the Zeek plugin for industrial system management protocols ICSNPP-Ethercat relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or gain unauthorized access to protected information...

8.5 CVSS | 7.6 AI score | 0.00478 EPSS
Exploits 0 | References 3

Amazon
added 2024/03/18 12:0 a.m. | 4 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a Buffer Overread bug Squid is vulnerable to a Denial of Service attack against Squid HTTP Message processing. This bug is fixed by Squid version 6.5. Users are advised to upgrade. There are no know...

8.6 CVSS | 7 AI score | 0.88818 EPSS
Exploits 0

BDU FSTEC
added 2024/03/18 12:0 a.m. | 4 views

The vulnerability of the formQuickIndex function in the /goform/QuickIndex file of the Tenda AC18 router’s firmware allows an attacker to escalate their privileges.

The vulnerability of the formQuickIndex function in the /goform/QuickIndex module of the Tenda AC18 router’s firmware relates to the ability to read data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to escalate their privileges ...

9 CVSS | 7.9 AI score | 0.01563 EPSS
Exploits 1 | References 4 | Affected Software 1

BDU FSTEC
added 2024/03/15 12:0 a.m. | 2 views

The vulnerability of the Kofax PowerPDF software, which is used for creating, converting, editing, and publishing PDF files, relates to reading data beyond the buffer in memory. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of the Kofax PowerPDF software for creating, converting, editing, and publishing PDF files lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created TIF file...

7.8 CVSS | 7.9 AI score | 0.00415 EPSS
Exploits 0 | References 5 | Affected Software 1

NVD
added 2024/03/12 11:15 a.m. | 12 views

CVE-2024-22040

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...

7.5 CVSS | 8.1 AI score | 0.00832 EPSS
Exploits 0 | References 2

Prion
added 2024/03/12 11:15 a.m. | 17 views

Design/Logic Flaw

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution All versions V4.3.5618, Cerberus PRO EN X300 Cloud Distribution All versions V4.3.5617, Sinteso FS20 EN Engineering...

5 CVSS | 7.4 AI score | 0.00832 EPSS
Exploits 0 | References 1

Vulnrichment
added 2024/03/12 10:21 a.m. | 9 views

CVE-2024-22040

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...

7.5 CVSS | 7 AI score | 0.00832 EPSS
Exploits 0 | References 2

Cvelist
added 2024/03/12 10:21 a.m. | 14 views

CVE-2024-22040

A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x IP6 All versions, Cerberus PRO EN Fire Panel FC72x IP7 All versions, Cerberus PRO EN Fire Panel FC72x IP8 All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution IP7 All...

7.5 CVSS | 7.7 AI score | 0.00832 EPSS
Exploits 0 | References 2

CVE
added 2024/03/12 10:21 a.m. | 79 views

CVE-2024-22040

Siemens CVE-2024-22040 involves a buffer overread in the network communication library due to insufficient validation of HMAC values. The flaw can allow an unauthenticated remote attacker to crash the affected network service. Affected products span Cerberus PRO EN Engineering Tool, Cerberus PRO ...

7.5 CVSS | 7.5 AI score | 0.00832 EPSS
Exploits 0 | References 2

Positive Technologies
added 2024/03/12 12:0 a.m. | 3 views

PT-2024-2315 · Siemens · Cerberus Pro En Fire Panel Fc72X Ip7 +21

Name of the Vulnerable Software and Affected Versions: Cerberus PRO EN Engineering Tool versions prior to MP4; Cerberus PRO EN Fire Panel FC72x IP6 versions prior to IP8 SR4; Cerberus PRO EN Fire Panel FC72x IP7 versions prior to IP8 SR4; Cerberus PRO EN Fire Panel FC72x IP8 versions prior to IP8 SR...

7.8 CVSS | 7.4 AI score | 0.00832 EPSS
Exploits 0 | References 7

Tenable Nessus
added 2024/03/12 12:0 a.m. | 64 views

EulerOS 2.0 SP8 : squid (EulerOS-SA-2024-1301)

According to the versions of the squid package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6....

8.6 CVSS | 7.2 AI score | 0.88818 EPSS
Exploits 0 | References 6

BDU FSTEC
added 2024/03/11 12:0 a.m. | 2 views

The vulnerability of the `check_stack_slot_within_bounds()` function in the kernel/bpf/verifier.c module of the Linux operating system allows an attacker to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability of the `check_stack_slot_within_bounds()` function in the kernel/bpf/verifier.c module of the Linux operating system is related to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

7.8 CVSS | 6.7 AI score | 0.00239 EPSS
Exploits 0 | References 11 | Affected Software 2

BDU FSTEC
added 2024/03/11 12:0 a.m. | 2 views

The vulnerability of the upi_fill_topology() function in the arch/x86/events/intel/uncore_snbep.c module of the Linux kernel’s performance evaluation subsystem allows a hacker to cause a service failure.

The vulnerability of the upi_fill_topology() function in the arch/x86/events/intel/uncore_snbep.c module, belonging to the CPU performance evaluation subsystem of the Linux operating system, involves reading memory beyond the allocated buffer, followed by the assignment of a null pointer. Exploiting...

5.5 CVSS | 6.4 AI score | 0.00255 EPSS
Exploits 0 | References 19 | Affected Software 1