The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

OESA-2021-1038 php security update

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...

The vulnerability of the professional video editing software Adobe Premiere Pro, related to reading data beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the professional video editing software Adobe Premiere Pro lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

OESA-2021-1024 p11-kit security update

Provides a way to load and enumerate PKCS11 modules. Provides a standard configuration setup for installing PKCS11 modules in such a way that they're discoverable. Also solves problems with coordinating the use of PKCS11 by different components or libraries living in the same process.\r\n\r\n...

The vulnerability of Adobe Premiere Rush’s video editing software, related to reading data beyond the buffer in memory, allows attackers to gain unauthorized access to protected information.

The vulnerability of Adobe Premiere Rush’s video editing software relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

OESA-2021-1013 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

OESA-2021-1006 memcached security update

Memcached is a high-performance, distributed memory object caching system, generic in nature, but originally intended for use in speeding up dynamic web applications by alleviating database load. You can think of it as a short-term memory for your applications.\r\n\r\n Security Fixes:\r\n\r\n...

glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding

A flaw was found in glibc. When processing input in the EUC-KR encoding, an invalid input sequence could cause glibc to read beyond the end of a buffer, resulting in a segmentation fault. The highest threat from this vulnerability is to system availability...

The vulnerability of the Adobe Media Encoder application, related to reading beyond the buffer in memory, allows an attacker to disclose protected information.

The vulnerability of the Adobe Media Encoder application relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

Qualcomm Wlan Firmware Buffer Error Vulnerability

Qualcomm Wlan Firmware is a Wlan support firmware from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Wlan Firmware that originates from a buffer over-read due to improper IE length checking in receive beacons...

It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c. A local attacker may use this flaw to make the application crash.

...

An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service.

...

An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.

...

There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service.

...

AZL-6493 CVE-2021-3272 affecting package jasper for versions less than 2.0.32-2

jp2decode in jp2/jp2dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components...

UBUNTU-CVE-2021-3272

jp2decode in jp2/jp2dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship between the number of channels and the number of image components...

QEMU 缓冲区错误漏洞

QEMU is a set of simulation processors written by Fabrice Bellard and distributed with source code under the GPL license, widely used on the GNU/Linux platform. An out-of-bounds read access vulnerability exists in ideatapicmdreplyend in hw/ide/atapi.c in QEMU 5.1.0. The vulnerability stems from a...

The vulnerability of the software platform for conducting marketing campaigns, both online and offline, in Adobe Campaign Classic, relates to reading data beyond the buffer in memory. This allows an attacker to gain unauthorized access to protected information.

The vulnerability of the software platform for conducting marketing campaigns, both online and offline, in Adobe Campaign Classic is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

UBUNTU-CVE-2020-14410

SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file...