The vulnerability of the sd_wp_addr component of the emulation software for hardware devices on other platforms, related to reading data beyond the buffer’s acceptable limits, allows a malicious actor to cause a service failure.

The vulnerability of the sdwpaddr component of the hardware emulation software for other platforms supported by QEMU lies in its ability to read data from beyond the allowed buffer size. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the Jp2Image::readMetadata() function in the jp2image.cpp component of the Exiv2 media metadata management library is related to the occurrence of operations outside the buffer in memory. This vulnerability allows an attacker to access confidential data and also trigger a service failure.

The vulnerability of the Jp2Image::readMetadata function in the jp2image.cpp component of the Exiv2 media metadata management library is related to an improper check on the rawData.size property. Exploiting this vulnerability could allow a remote attacker to access confidential data, as well as...

The vulnerability of the driver of the QEMU hardware emulation controller arises from reading data beyond the permissible buffer limits. This allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the driver of the QEMU hardware emulation controller lies in reading data from within allowable buffer limits. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

The vulnerability of the Nef polygon function in the CGAL computational geometry algorithm library, which involves reading data beyond the permissible buffer limits, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Nef polygon function in the CGAL computational geometry algorithm library is related to reading data beyond the permissible buffer size. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause servi...

The vulnerability of the hw/scsi/scsi-generic.c component of the QEMU hardware emulation software, related to reading data beyond the buffer’s acceptable limits, allows a malicious actor to cause a service failure.

The vulnerability of the hw/scsi/scsi-generic.c component of the QEMU hardware emulation software is related to reading data from within acceptable buffer limits. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability of the server-based Redmine project and task management web application lies in its ability to read data beyond the allowed buffer size limits, allowing an attacker to compromise the integrity of the data.

The vulnerability of the server-based Redmine project and task management web application is related to incorrect data processing during the formatting of tasks. Exploiting this vulnerability allows an attacker to compromise the integrity of the data...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2020 are related to reading beyond the buffer in memory. This allows attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to reading data beyond the buffer in memory. Exploiting...

OESA-2021-1394 redis security update

Redis is an advanced key-value store. It is often referred to as a dattructure server since keys can contain strings, hashes ,lists, sets anorted sets. Security Fixes: Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed...

OESA-2021-1388 aspell security update

GNU Aspell is a spell checker intended to replace Ispell. It can be used as a library and spell checker. Its main feature is that it provides much better suggestions than other inspectors, including Ispell and Microsoft Word. It also has many other technical enhancements to Ispell, such as the us...

The vulnerability of the Adobe Genuine Service application checking service, related to errors in processing symbolic links, allows a perpetrator to re-record arbitrary files and increase their privileges.

The vulnerability of the Adobe Genuine Service application checking service is related to reading data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to rewrite arbitrary files and increase their privileges...

CVE-2021-25492

Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read...

The vulnerability of the Linux operating system’s kernel, related to reading beyond the buffer in memory, allows a hacker to cause a service failure.

The vulnerability of the Linux operating system’s kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the eBPF subsystem in the Linux operating system, related to reading beyond the buffer in memory, allows a hacker to execute arbitrary code in the kernel context.

The vulnerability of the eBPF subsystem in the Linux operating system is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the kernel context...

DEBIAN-CVE-2021-32672

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...

多款Qualcomm产品缓冲区错误漏洞

The Qualcomm MDM9206 and others are products of Qualcomm Incorporated.The MDM9206 is a central processing unit CPU.The MDM9607 is a central processing unit CPU.The MDM9650 is a central processing unit CPU.The MDM9650 is a central processing unit CPU. A security vulnerability exists in Qualcomm th...

多款Qualcomm产品缓冲区错误漏洞

Qualcomm QCA6574AU and others are products of Qualcomm Incorporated Qualcomm.QCA6574AU is a central processing unit CPU product.APQ8053 is a central processing unit CPU product.SDX55 is a modem. Multiple Qualcomm Products A buffer error vulnerability exists in the DSP service that stems from an...

PT-2023-3600 · Qt Company +8 · Qt +8

Name of the Vulnerable Software and Affected Versions: Qt versions 5.x before 5.15.14 Qt versions 6.x before 6.2.9 Qt versions 6.3.x through 6.5.x before 6.5.1 Description: The issue is related to a buffer over-read in the QDnsLookup component of the Qt framework, which can be exploited by a remo...

PT-2021-7752 · Redis +5 · Redis +5

Name of the Vulnerable Software and Affected Versions: Redis versions 3.2 through 6.2.5 Redis versions 3.2 through 6.0.15 Redis versions 3.2 through 5.0.13 can be simplified to: Redis versions 3.2 through 6.2.5 Description: The issue affects Redis, an open source, in-memory database that persists...

CVE-2021-41533

A vulnerability has been identified in NX 1980 Series All versions V1984, Solid Edge SE2021 All versions SE2021MP8. The affected application is vulnerable to an out of bounds read past the end of an allocated buffer when parsing JT files. An attacker could leverage this vulnerability to leak...

Siemens Solid Edge 缓冲区错误漏洞

Solid Edge is a 3D CAD, parametric feature and synchronous technology solid modeling software. buffer out-of-bounds read vulnerability exists in versions prior to Siemens Solid Edge SE2021MP8. An attacker can exploit the vulnerability to disclose information in the context of the current process...