
5815 matches found

OSV
added 2022/08/25 8:15 p.m. · 1 views

UBUNTU-CVE-2020-27796

A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file...

7.8 CVSS · 7.3 AI score · 0.00311 EPSS
Exploits 2 · References 4
BDU FSTEC
added 2022/08/25 12:0 a.m. · 2 views

The vulnerability of the Cisco Discovery protocol’s implementation in NX-OS and FXOS operating systems allows a perpetrator to execute arbitrary code with root privileges or cause a service failure.

The vulnerability of the Cisco Discovery protocol’s implementation in NX-OS and FXOS operating systems relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code with root privileges or cause service failures...

9.6 CVSS · 6.2 AI score
Exploits 0 · References 1 · Affected Software 2
BDU FSTEC
added 2022/08/24 12:0 a.m. · 1 views

The vulnerability of the HCI interface, which operates on the Modbus TCP protocol, and the programmable logic controllers Hitachi Energy RTU500, allows an intruder to trigger a service failure or cause the device to restart.

The vulnerability of the HCI interface, which operates on the Modbus TCP protocol, and the Hitachi Energy RTU500 programmable logic controllers is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause service failures or trigg...

7.8 CVSS · 7.4 AI score · 0.00636 EPSS
Exploits 0 · References 3 · Affected Software 1
BDU FSTEC
added 2022/08/19 12:0 a.m. · 2 views

The vulnerability of the microprogramming software of the POWER METER SICAM Q100 lies in the reading of data beyond the buffer in memory, allowing an intruder to execute arbitrary code.

The vulnerability of the microprogramming software of the POWER METER SICAM Q100 relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

9 CVSS · 7.7 AI score · 0.02587 EPSS
Exploits 0 · References 2 · Affected Software 1
Positive Technologies
added 2022/08/18 12:0 a.m. · 4 views

PT-2022-23952 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor (affected versions not specified). Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...

5.5 CVSS · 7 AI score · 0.0073 EPSS
Exploits 0 · References 3
Positive Technologies
added 2022/08/18 12:0 a.m. · 4 views

PT-2022-23947 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor (affected versions not specified). Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open...

5.5 CVSS · 6.9 AI score · 0.0073 EPSS
Exploits 0 · References 4
BDU FSTEC
added 2022/08/18 12:0 a.m. · 4 views

The vulnerability of the bpf_prog_test_run_skb function (test_run.c) in the Android operating system’s kernel allows a hacker to disclose sensitive information that should be protected.

The vulnerability of the bpf_prog_test_run_skb function (test_run.c) in the Android operating system stems from reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by security measures...

4.6 CVSS · 6.6 AI score · 0.00144 EPSS
Exploits 0 · References 6 · Affected Software 1
Positive Technologies
added 2022/08/18 12:0 a.m. · 3 views

PT-2022-23950 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor (affected versions not specified). Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...

5.5 CVSS · 7 AI score · 0.0073 EPSS
Exploits 0 · References 3
BDU FSTEC
added 2022/08/17 12:0 a.m. · 2 views

The vulnerability of the iLO Amplifier Pack software’s automatic recovery function, related to reading data beyond the buffer in memory, allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the iLO Amplifier Pack software for automatic restoration of factory settings involves reading data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

8.3 CVSS · 7.3 AI score · 0.01982 EPSS
Exploits 0 · References 2 · Affected Software 1
BDU FSTEC
added 2022/08/17 12:0 a.m. · 3 views

The vulnerability of the SMM driver in microprogramming systems based on UEFI (BIOS) in desktop computers and personal computers manufactured by Hewlett-Packard Development Company L.P. allows a hacker to gain increased privileges.

The vulnerability of the System Management Mode SMM driver in microprogramming-based EFI BIOS desktop computers and personal computers manufactured by Hewlett-Packard Development Company L.P. involves reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to...

8.2 CVSS · 7.6 AI score · 0.00201 EPSS
Exploits 0 · References 3 · Affected Software 49
BDU FSTEC
added 2022/08/17 12:0 a.m. · 3 views

The vulnerability of BIG-IP application protection mechanisms, related to reading data beyond the buffer in memory, allows attackers to gain unauthorized access to the protected information.

The vulnerability of BIG-IP application protection mechanisms relates to the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the protected information...

7.3 CVSS · 5.8 AI score · 0.00445 EPSS
Exploits 0 · References 2 · Affected Software 11
BDU FSTEC
added 2022/08/17 12:0 a.m. · 3 views

The vulnerability of Intel Wireless Bluetooth and Killer Bluetooth drivers, related to reading data beyond the buffer in memory, allows an intruder to gain unauthorized access to protected information or cause service failures.

The vulnerability of Intel Wireless Bluetooth and Killer Bluetooth drivers is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information or cause service failures...

5.6 CVSS · 6.1 AI score · 0.00186 EPSS
Exploits 0 · References 2 · Affected Software 17
BDU FSTEC
added 2022/08/17 12:0 a.m. · 4 views

The vulnerability of Intel Wireless Bluetooth and Killer Bluetooth drivers, related to reading data beyond the buffer in memory, allows attackers to gain unauthorized access to protected information.

The vulnerability of Intel Wireless Bluetooth and Killer Bluetooth drivers is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

2.3 CVSS · 7.3 AI score · 0.00204 EPSS
Exploits 0 · References 2 · Affected Software 17
CNNVD
added 2022/08/17 12:0 a.m. · 1 views

Vim security vulnerability

Vim is a cross-platform text editor. A security vulnerability exists in versions prior to Vim 9.0.0217, which stems from buffer over-reading...

7.8 CVSS · 6.6 AI score · 0.00501 EPSS
Exploits 1 · References 10
Positive Technologies
added 2022/08/15 12:0 a.m. · 2 views

PT-2022-4480 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor (affected versions not specified). Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

10 CVSS · 7.4 AI score · 0.0077 EPSS
Exploits 0 · References 7
BDU FSTEC
added 2022/08/12 12:0 a.m. · 3 views

The vulnerability of the print_iso9660_recurse function in the libcdio library allows an attacker to cause a service failure or exert other effects.

The vulnerability of the print_iso9660_recurse function in the iso-info.c file of the libcdio library is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures or other adverse effects from a remote...

10 CVSS · 7 AI score · 0.03553 EPSS
Exploits 0 · References 4 · Affected Software 1
Gentoo Linux
added 2022/08/10 12:0 a.m. · 44 views

LibRaw: Stack buffer overread

Background: LibRaw is a library for reading RAW files obtained from digital photo cameras. Description: LibRaw incorrectly handles parsing DNG fields in some cases, potentially resulting in a buffer overread leading to denial of service. Impact: An attacker capable of providing crafted input to LibR...

8.8 CVSS · 2.7 AI score · 0.01625 EPSS
Exploits 0
Tenable Nessus
added 2022/08/10 12:0 a.m. · 33 views

GLSA-202208-07 : LibRaw: Stack buffer overread

The remote host is affected by the vulnerability described in GLSA-202208-07 LibRaw: Stack buffer overread - Libraw before 0.20.1 has a stack buffer overflow via LibRaw::identify_process_dng_fields in identify.cpp. CVE-2020-24870 Note that Nessus has not tested for this issue but has instead relied...

8.8 CVSS · 8.2 AI score · 0.01625 EPSS
Exploits 0 · References 3
RedHat Linux
added 2022/08/09 10:32 a.m. · 3 views

vim: buffer over-read in utf_ptr2char() in mbyte.c

A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a buffer over-read vulnerability in the utf_ptr2char function. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution...

7.8 CVSS · 7.4 AI score · 0.01601 EPSS
Exploits 1 · References 5
OSV
added 2022/08/05 7:15 a.m. · 3 views

AZL-10470 CVE-2022-37434 affecting package zlib for versions less than 1.2.12-2

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...

9.8 CVSS · 7 AI score · 0.1593 EPSS
Exploits 1 · References 1