The vulnerability of the dlpar_memory_remove_by_index() function in the Linux operating system’s PowerPC PSeries kernel driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the dlparmemoryremovebyindex function in the Linux operating system’s PowerPC PSeries kernel memory driver relates to reading memory beyond the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

The vulnerability in the /subsys/bluetooth/host/hci_core.c component of the real-time Bluetooth subsystem of the Zephyr operating system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability in the /subsys/bluetooth/host/hcicore.c component of the real-time Bluetooth subsystem of the Zephyr operating system relates to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to compromise the...

The vulnerability of the web-server microprogramming software for NPort W2150A and W2250A allows a hacker to cause a service failure.

The vulnerability of the microprogrammed software routers NPort W2150A and W2250A lies in the reading of data outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failure by sending a specially crafted web request remotely...

The vulnerability of the Simcenter Femap simulation application, related to reading beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Simcenter Femap simulation application lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by allowing the user to open a specially crafted Catia MODEL file...

squid: Buffer over-read in the HTTP Message processing feature

A buffer over-read flaw was found in Squid's HTTP Message processing feature. This issue may allow attackers to perform remote denial of service...

RHEL 9 : squid (RHSA-2024:1153)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1153 advisory. Squid is a high-performance proxy caching server for web clients, supporting FTP, and HTTP data objects. Security Fixes: squid: DoS against...

UBUNTU-CVE-2024-31082

A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

The vulnerability of the cipso_v4_map_lvl_valid function in Linux kernel allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the cipsov4maplvlvalid function in Linux kernel relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of the smb2_parse_contexts() function in the fs/smb/client/smb2pdu.c module of the SMB client kernel of the Linux operating system allows a hacker to gain access to protected information or cause service failures.

The vulnerability of the smb2parsecontexts function in the fs/smb/client/smb2pdu.c module of the SMB client kernel for Linux operating systems is related to reading memory beyond the boundaries of the allocated buffer. Exploiting this vulnerability could allow an attacker to gain access to...

PT-2024-21837 · Kofax · Kofax Power Pdf

Name of the Vulnerable Software and Affected Versions: Kofax Power PDF affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a maliciou...

The vulnerability of the pci_dev_for_each_resource() function in the Linux operating system’s PCI kernel component allows a hacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the pcidevforeachresource function in the Linux operating system’s PCI core component is related to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause...

PT-2024-3829 · Nvidia +3 · Nvidia Gpu Display Driver +3

Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Linux affected versions not specified Description: The issue is related to a buffer management error, where an attacker may access a memory location after the end of the buffer. A successful exploit of this issue...

The vulnerability of the dissect_bgp_open() function in the Wireshark network traffic analyzer allows a hacker to cause a service failure.

The vulnerability of the dissectbgpopen function in the Wireshark network traffic analyzer is related to the operation that occurs outside the buffer in memory when processing extended BGP parameter formats. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

The vulnerability of the slirp.c component of the TCP-IP Libslirp emulator allows a hacker to access confidential data.

The vulnerability of the slirp.c component in the Libslirp TCP-IP emulator involves reading data beyond the allowable buffer size. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...

The vulnerability in the `src/ncsi.c` component of the TCP-IP Libslirp emulator allows a attacker to access confidential data.

The vulnerability of the src/ncsi.c component of the TCP-IP Libslirp emulator is related to reading data beyond the allowable buffer size. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data...

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read when callback functions are enabled through the optional WOLFSSLCALLBACKS flag. An attacker can read 5 bytes from the heap via malicious TLS 1.3 connection. Remediation Upgrade wolfssl to version 5.6.6 or higher...

DEBIAN-CVE-2023-6936

In wolfSSL prior to 5.6.6, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes WOLFSSLCALLBACKS is only intended for debugging...

UBUNTU-CVE-2023-6936

In wolfSSL prior to 5.6.6, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes WOLFSSLCALLBACKS is only intended for debugging...

oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c

An out-of-bounds read vulnerability was found in the way Oniguruma handled regular expressions with GB18030 character encoding. A UChar pointer is dereferenced without checking if it passed the end of the matched string, leading to a heap-based buffer over-read. A remote attacker could abuse this...

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter, related to reading beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the 3D model texturing software Adobe Substance 3D Painter lies in the reading of data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...