5815 matches found
CVE-2022-27523
A buffer over-read in Autodesk TrueView 2022 can be exploited using a maliciously crafted DWG file as input and may lead to an exposure of sensitive information or a crash. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the curre...
Denial Of Service (DoS)
github.com/ipld/go-codec-dagpb is vulnerable to denial of service. The vulnerability exists due to a lack of sanitization of the link length causing a buffer overread which leads to a panic...
The vulnerability of the Adobe XMP-Toolkit-SDK software, related to reading beyond the buffer in memory, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Adobe XMP-Toolkit-SDK lies in the creation of temporary files with insecure permissions. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2020 are related to reading beyond the buffer in memory. This allows attackers to gain unauthorized access to protected information.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 relates to reading beyond the buffer in memory. Exploiting this...
PT-2022-18940 · Bentley · Microstation Connect
Name of the Vulnerable Software and Affected Versions: Bentley MicroStation CONNECT version 10.16.02.34 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicio...
PT-2022-19137 · Bentley · Microstation Connect
Name of the Vulnerable Software and Affected Versions: Bentley MicroStation CONNECT version 10.16.2.034 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicio...
PT-2022-18950 · Bentley · Microstation Connect
Name of the Vulnerable Software and Affected Versions: Bentley MicroStation CONNECT version 10.16.02.034 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...
PT-2022-18946 · Bentley · Bentley View
Name of the Vulnerable Software and Affected Versions: Bentley View version 10.16.02.022 Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...
PT-2022-18952 · Bentley · Microstation Connect
Name of the Vulnerable Software and Affected Versions: Bentley MicroStation CONNECT version 10.16.02.034 Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open ...
PT-2022-2609
Name of the Vulnerable Software and Affected Versions: Ruby versions 2.6.0 through 2.6.9; Ruby versions 2.7.x through 2.7.5; Ruby versions 3.0.0 through 3.0.3; Ruby versions 3.1.0 through 3.1.1. Description: The issue is related to a buffer over-read in Ruby, specifically in String-to-Float conversion,...
The vulnerability in the `read_objects` function of the `read.c` component of the .fig file conversion utility Fig2dev allows an attacker to cause a service failure.
The vulnerability of the `read_objects` function in the `read.c` component of the .fig conversion utility Fig2dev involves reading data beyond the allowable buffer size. Exploiting this vulnerability allows an attacker to cause service interruptions remotely...
The vulnerability of the `store_sm_boundary_item` function in the `Nef_S2/SNC_io_parser.h` component of the CGAL algorithm library allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the `store_sm_boundary_item` function in `Nef_S2/SNC_io_parser.h`, a part of the computational geometry algorithm library CGAL, relates to reading data beyond the allowed buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential data...
GHSA-G3VV-G2J5-45F2 ipld/go-codec-dagpb panics when processing certain blocks
Impact: Decoding certain blocks using the go-ipld-prime version of the dag-pb codec go-codec-dagpb can cause a panic. The panic comes from an assumption that the reported link length is accurate, but if the block ends before that reported length then it’s a buffer overread. Patches: The issue is...
CVE-2022-28805
`singlevar` in `lparser.c` in Lua versions from 5.4.0 (inclusive) up to 5.4.4 (exclusive) lacks a certain `luaK_exp2anyregup` call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code...
The vulnerability of the Adobe Animate software for creating multimedia and computer animations is a read of data beyond the buffer in memory, which allows attackers to gain unauthorized access to protected information.
The vulnerability of the Adobe Animate software for creating multimedia and computer animations relates to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
A vulnerability in the Cluster component of the MySQL Cluster database management system allows attackers to execute arbitrary code.
The vulnerability in the Cluster component of the MySQL Cluster database management system involves reading data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...