CVE-2020-17398

This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-17394

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists...

kernel: Buffer over-read in crypto_authenc_extractkeys() when a payload longer than 4 bytes is not aligned.

A buffer over-read flaw was found in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read threat, leading to a system crash...

The vulnerability of Grub2 operating system loaders, related to operations occurring outside the data buffer, allows attackers to influence data integrity or cause service failures.

The vulnerability of Grub2 operating system loaders is related to the issue of operations going beyond the data buffer when processing symbolic links. Exploiting this vulnerability can allow an attacker to influence the integrity of data or cause service failures...

In the GNU C Library (aka glibc or libc6) through 2.29 proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.

...

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character.

...

The vulnerability of the crypto_authenc_extractkeys file in the operating system kernel of Red Hat Enterprise Linux allows a hacker to trigger a service failure.

The vulnerability of the cryptoauthencextractkeys file crypto/authenc.c in the Red Hat Enterprise Linux kernel is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

UBUNTU-CVE-2020-24344

JerryScript through 2.3.0 has a functiona=argumentsconst arguments buffer over-read...

DEBIAN-CVE-2020-17507

An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. readxbmbody in gui/image/qxbmhandler.cpp has a buffer over-read...

AZL-6836 CVE-2020-17507 affecting package qt5-qtsvg for versions less than 5.12.11-3

An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. readxbmbody in gui/image/qxbmhandler.cpp has a buffer over-read...

UBUNTU-CVE-2020-17507

An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. readxbmbody in gui/image/qxbmhandler.cpp has a buffer over-read...

The vulnerability of the WebSQL module in Google Chrome browser allows attackers to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome’s WebSQL module relates to reading data beyond the allowed buffer size. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and even cause service failures through a specially created HTML page...

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain full control over the application.

The vulnerability of the Core component of the Oracle VM VirtualBox virtualization software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain full control over the application...

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox virtualization software relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

PT-2020-6174

Name of the Vulnerable Software and Affected Versions Libxml2 version 2.9.10 Description The issue is related to a global buffer over-read vulnerability in the xmlEncodeEntitiesInternal function at libxml2/entities.c in the Libxml2 library. This vulnerability allows a remote attacker to access...

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software relates to reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve reading beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to reading data beyond the buffer in memory. Exploiting these vulnerabilities can...

The vulnerability of the Windows operating system’s kernel allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Windows operating system’s kernel is related to reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...