SUSE CVE-2022-1927

Buffer Over-read in GitHub repository vim/vim prior to 8.2...

SUSE CVE-2022-2124

Buffer Over-read in GitHub repository vim/vim prior to 8.2...

SUSE CVE-2022-2175

Buffer Over-read in GitHub repository vim/vim prior to 8.2...

SUSE CVE-2022-2301

Buffer Over-read in GitHub repository hpjansson/chafa prior to 1.10.3...

SUSE CVE-2022-2881

The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process...

SUSE CVE-2022-23124

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getfinderinfo method. The issue results from the lack of proper validation of...

SUSE CVE-2022-27941

tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in getl2lenprotocol in common/get.c...

SUSE CVE-2022-27942

tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parsempls in common/get.c...

SUSE CVE-2022-28739

There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including KernelFloat and Stringtof...

SUSE CVE-2022-30556

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer...

SUSE CVE-2022-31212

An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied...

SUSE CVE-2022-37434

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...

SUSE CVE-2022-40320

cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read...

SUSE CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

The vulnerability of Cisco IOS XE’s operating system in authentication, authorization, and accounting services allows a perpetrator to execute arbitrary code or cause a service failure.

The vulnerability of Cisco IOS XE’s authentication, authorization, and accounting AAA services arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause service failures...

Siemens Solid Edge 缓冲区错误漏洞

Siemens Solid Edge is a 3D CAD software from Siemens, a German company. Siemens Solid Edge is vulnerable to an out-of-bounds read vulnerability that could be exploited to execute code in the context of the current process...

PT-2023-6664 · Siemens · Siemens Solid Edge Se2022 +1

Name of the Vulnerable Software and Affected Versions: Siemens Solid Edge SE2022 versions prior to V222.0MP12 Siemens Solid Edge SE2023 versions prior to V223.0Update2 Description: The issue is related to an out of bounds read past the end of an allocated buffer while parsing a specially crafted...

UBUNTU-CVE-2023-0817

Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV...

GPAC 缓冲区错误漏洞

GPAC is an open source multimedia framework. A security vulnerability exists in versions prior to GPAC v2.3.0-DEV that stems from buffer over-reading...

Qualcomm 芯片缓冲区错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way of miniaturizing circuits mainly semiconductor devices, but also passive components, etc., and is often fabricated on the surface of semiconductor wafers. A security vulnerability exists in the Qualcomm Chip modem module, which stems...