The vulnerability of the built-in software in Intel NUC Kits relates to reading data beyond the buffer in memory. This allows attackers to access protected information, cause system failures, or gain increased privileges.

The vulnerability of the built-in software in the Intel NUC Kit arises from reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to access protected information, cause system failures, or increase their privileges...

curl: Heap-based buffer over-read in the curl tool warning formatting

Curl versions 7.14.1 through 7.61.1 are vulnerable to a heap-based buffer over-read in the toolmsgs.c:voutf function that may result in information exposure and denial of service...

curl: RTSP RTP buffer over-read

A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the execution of operations beyond the buffer boundaries in memory, allows attackers to execute arbitrary code.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted web page or file...

The vulnerability of the KMD module in Intel Graphics Driver allows a hacker to trigger a service failure.

The vulnerability of the KMD module in the Intel Graphics Driver lies in reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

The vulnerability of the JET Database Engine database driver for Windows operating systems arises from the possibility of operations occurring outside the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the JET Database Engine database driver for Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

PT-2019-2869 · Imagemagick +1 · Imagemagick +1

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8-50 Description: The issue is related to a buffer over-read in the CompositeImage function of the MagickCore/composite.c module. This can be exploited by a remote attacker using a specially crafted image, potentially...

CVE-2019-3957

Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which could crash the application or leak sensitive information...

CVE-2019-3956

Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating CltDHPubKeyLen during key negotiation, which could crash the application or leak sensitive information...

UBUNTU-CVE-2019-11040

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information...

DEBIAN-CVE-2019-12493

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allo...

UBUNTU-CVE-2019-12493

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allo...

UBUNTU-CVE-2019-12360

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...

CVE-2018-18059

An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this can...

CVE-2018-18060

An issue was discovered in Bitdefender Engines before 7.76808. A vulnerability has been discovered in the dalvik.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Paired with other vulnerabilities, this...

The vulnerability of the igdkm64.sys driver, a graphics system driver for Intel Graphics Drivers, allows a hacker to cause a service failure.

The vulnerability of the igdkm64.sys driver for Intel Graphics Drivers is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

Poppler heap buffer overread vulnerability (CNVD-2019-15934)

Poppler is based on xpdf-3.0 code base PDF rendering library. A heap buffer over-read vulnerability exists in JPXStream::init in JPEG2000Stream.cc in Poppler 0.76.1 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service via data with inconsistent height or...

CVE-2019-12159

GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function when called from getRequestType via a long URL...

UBUNTU-CVE-2019-10053

An issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the function SSHParseBanner is composed only of a \n character, then the program runs into a heap-based buffer over-read. This occurs because the erroneous search for \r results in an integer underflow...

DEBIAN-CVE-2019-10050

A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control...