
5815 matches found

BDU FSTEC
added 2022/09/30 12:0 a.m. | 4 views

The vulnerability of the get_ctl_id_hash() function in the audio subsystem of Linux operating systems allows a hacker to increase their privileges or cause service failures.

The vulnerability of the get_ctl_id_hash function in the audio subsystem of Linux operating systems is related to reading data beyond the buffer boundaries in memory when processing the parameter id-name. Exploiting this vulnerability can allow an attacker to enhance their privileges or cause system...

CVSS 7.8 | AI score 7 | EPSS 0.00229
Exploits: 0 | References: 8

BDU FSTEC
added 2022/09/30 12:0 a.m. | 2 views

The vulnerability of the header_value function in the embedded operating system OpenWrt allows a hacker to gain access to protected information.

The vulnerability of the header_value function in the embedded operating system OpenWrt relates to the ability to read data beyond the buffer boundaries. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected information by sending a specially craft...

CVSS 9.4 | AI score 7.4 | EPSS 0.00971
Exploits: 0 | References: 5 | Affected Software: 1

BDU FSTEC
added 2022/09/30 12:0 a.m. | 4 views

The vulnerability of the Audio component in Qualcomm’s embedded software allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Audio component in embedded Qualcomm software lies in the lack of checks for buffer length and reading beyond the memory boundary. Exploiting this vulnerability can allow an attacker to cause a service failure or execute arbitrary code...

CVSS 8.4 | AI score 7.7 | EPSS 0.00116
Exploits: 0 | References: 4

RedHat Linux
added 2022/09/29 1:33 p.m. | 3 views

httpd: mod_lua: Information disclosure with websockets

A flaw was found in the mod_lua module of httpd. The data returned by the wsread function may point past the end of the storage allocated for the buffer, resulting in information disclosure...

CVSS 7.5 | AI score 7.1 | EPSS 0.04656
Exploits: 0 | References: 5

BDU FSTEC
added 2022/09/28 12:0 a.m. | 6 views

The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library relates to reading data beyond the permissible buffer size. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

CVSS 9.3 | AI score 6.8 | EPSS 0.01983
Exploits: 1 | References: 11 | Affected Software: 2

BDU FSTEC
added 2022/09/28 12:0 a.m. | 2 views

The vulnerability of the ng_pkt function in the transports/smart_pkt.c component of Libgit2, a C library implementing the Git methods, allows an attacker to cause a service failure.

The vulnerability of the ng_pkt function in the transports/smart_pkt.c component of Libgit2, the C-language implementation of the Git methods, relates to reading data beyond the buffer’s acceptable limits. Exploiting this vulnerability allows a remote attacker to cause service failures...

CVSS 7.8 | AI score 6.5 | EPSS 0.04337
Exploits: 1 | References: 9 | Affected Software: 2

BDU FSTEC
added 2022/09/28 12:0 a.m. | 4 views

The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library allows a hacker to trigger a service failure.

The vulnerability of the internal/dcraw_common.cpp component in the LibRaw image processing library is related to reading data beyond the permissible buffer size. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS 7.1 | AI score 7 | EPSS 0.01796
Exploits: 1 | References: 7 | Affected Software: 2

BDU FSTEC
added 2022/09/28 12:0 a.m. | 5 views

The vulnerability of the `cv::RBaseStream::readBlock` function in the `modules/imgcodecs/src/bitstrm.cpp` file of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the cv::RBaseStream::readBlock function in the modules/imgcodecs/src/bitstrm.cpp file of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, relates to reading data beyond the allowed buffer limits. Exploiting this...

CVSS 9.3 | AI score 6.7 | EPSS 0.0197
Exploits: 0 | References: 6 | Affected Software: 3

BDU FSTEC
added 2022/09/26 12:0 a.m. | 3 views

The vulnerability in the src/window.c component of the Vim text editor allows an attacker to access confidential data.

The vulnerability in the src/window.c component of the Vim text editor is related to reading data beyond the buffer’s allowed limits. Exploiting this vulnerability allows an attacker to gain access to confidential data...

CVSS 7.1 | AI score 6.6 | EPSS 0.0144
Exploits: 1 | References: 9 | Affected Software: 4

BDU FSTEC
added 2022/09/26 12:0 a.m. | 5 views

The vulnerability of the stb_image.h component in the C/C++ Libstb library allows a hacker to access confidential data and also cause a denial of service.

The vulnerability of the stb_image.h component in the C/C++ Libstb library is related to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to gain access to confidential data and also cause service interruptions...

CVSS 9.4 | AI score 7.9 | EPSS 0.02796
Exploits: 1 | References: 9 | Affected Software: 3

BDU FSTEC
added 2022/09/23 12:0 a.m. | 2 views

The vulnerability of the `ldns_rr_new_frm_str_internal` function in the DNS library LDNS allows an attacker to access confidential data.

The vulnerability of the ldns_rr_new_frm_str_internal function in the DNS library LDNS is related to reading data beyond the allowable buffer size. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

CVSS 7.1 | AI score 7.4 | EPSS 0.0131
Exploits: 1 | References: 12 | Affected Software: 5

Zero Day Initiative
added 2022/09/23 12:0 a.m. | 21 views

Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Deep Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

CVSS 4.4 | AI score 3.3 | EPSS 0.00406
Exploits: 0 | References: 1

BDU FSTEC
added 2022/09/23 12:0 a.m. | 3 views

The vulnerability of the `kex_method_diffie_hellman_group_exchange_sha256_key_exchange` function in the `kex.c` component of the SSH2 protocol implementation library Libssh2 allows an attacker to access confidential data and also trigger a denial-of-service attack.

The vulnerability of the kex_method_diffie_hellman_group_exchange_sha256_key_exchange function in the kex.c component of the SSH2 protocol implementation library Libssh2 is related to reading data beyond the allowed buffer size. Exploiting this vulnerability allows an attacker to gain access to...

CVSS 8.8 | AI score 7.7 | EPSS 0.11659
Exploits: 1 | References: 13 | Affected Software: 5

OSV
added 2022/09/23 12:0 a.m. | 0 views

UBUNTU-CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

CVSS 8.6 | AI score 7.3 | EPSS 0.0282
Exploits: 0 | References: 5

OSV
added 2022/09/21 11:15 a.m. | 1 view

ALPINE-CVE-2022-2881

The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process...

CVSS 8.2 | AI score 7.1 | EPSS 0.01026
Exploits: 0 | References: 1

OSV
added 2022/09/21 11:15 a.m. | 2 views

DEBIAN-CVE-2022-2881

The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process...

CVSS 8.2 | AI score 6.8 | EPSS 0.01026
Exploits: 0 | References: 1

Vulnrichment
added 2022/09/21 10:15 a.m. | 10 views

CVE-2022-2881 Buffer overread in statistics channel code

The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process...

CVSS 5.5 | AI score 8.2 | EPSS 0.01026
Exploits: 0 | References: 3

Cvelist
added 2022/09/21 10:15 a.m. | 18 views

CVE-2022-2881 Buffer overread in statistics channel code

The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process...

CVSS 5.5 | AI score 8.4 | EPSS 0.01026
Exploits: 0 | References: 3

BDU FSTEC
added 2022/09/21 12:0 a.m. | 2 views

The vulnerability of the `aspeed_lpc_ctrl_mmap` function in the drivers/soc/aspeed/aspeed-lpc-ctrl.c file of the Linux kernel allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the aspeed_lpc_ctrl_mmap function in the drivers/soc/aspeed/aspeed-lpc-ctrl.c file of the Linux kernel is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrit...

CVSS 7.8 | AI score 7 | EPSS 0.00358
Exploits: 0 | References: 24 | Affected Software: 3

BDU FSTEC
added 2022/09/21 12:0 a.m. | 4 views

The vulnerability of Mozilla Firefox, Mozilla Firefox ESR, and the email client Thunderbird relates to the reading of data beyond the buffer in memory, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of Mozilla Firefox, Mozilla Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created web page...

CVSS 7.8 | AI score 7.2 | EPSS 0.03034
Exploits: 0 | References: 20 | Affected Software: 8