The vulnerability of the Mozilla Firefox browser and the Thunderbird email client, related to reading data beyond the buffer in memory, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Mozilla Firefox browser and the Thunderbird email client relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

UBUNTU-CVE-2022-2881

The underlying bug might cause read past end of the buffer and either read memory it should not read, or crash the process...

The vulnerability of the cfg_tilde_expand() function in the libConfuse configuration file parser library allows a attacker to cause a service failure.

The vulnerability of the cfgtildeexpand function in the libConfuse configuration file parser library is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures through a specially created file...

cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read.

...

CVE-2022-25670

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

CVE-2022-25669

Denial of service in video due to buffer over read while parsing MP4 clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2022-25653

Information disclosure in video due to buffer over-read while processing avi file in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

The vulnerability of the client’s TFTP/Atftp component allows attackers to gain access to confidential data.

The vulnerability of the client’s TFTP/Atftp component relates to reading data from beyond the permissible buffer limits. Exploiting this vulnerability allows a malicious actor to gain access to confidential data...

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a software released by Adobe Systems, Inc. for graphics production. An out-of-bounds read vulnerability exists in Adobe Illustrator, which can be exploited by attackers to bypass mitigations such as ASLR and cause sensitive memory leaks...

CVE-2022-40663

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2022-40662

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2022-40656

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2022-40656

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2022-40636

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

CVE-2022-40636

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

CVE-2022-40737

An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4ByteStream::Write and AP4HdlrAtom::WriteFields...

UBUNTU-CVE-2022-40737

An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4ByteStream::Write and AP4HdlrAtom::WriteFields...

Bento4 缓冲区错误漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 version 1.6.0-639, which stems from its AP4ByteStream::Write and AP4HdlrAtom::WriteFields components calling the System/StdC/Ap4StdCFileByteStream.cpp component's AP4...

PT-2022-25461 · Nikon · Nikon Nis-Elements Viewer

Name of the Vulnerable Software and Affected Versions: NIKON NIS-Elements Viewer version 1.2100.1483.0 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a maliciou...

PT-2022-25453 · Nikon · Nikon Nis-Elements Viewer

Name of the Vulnerable Software and Affected Versions: NIKON NIS-Elements Viewer version 13.2.0.21165 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious...