
5784 matches found

OSV
added 2025/11/21 3:59 p.m., 1 view

JLSEC-2025-220 An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX...

CVSS 9.8, AI score 7.2, EPSS 0.00925
Exploits: 0, References: 5

RedhatCVE
added 2025/11/20 9:36 p.m., 2 views

CVE-2025-12056

Out-of-bounds Read in Shelly Pro 3EM before v1.4.4 allows Overread Buffers...

CVSS 8.3, AI score 6.9, EPSS 0.00025
Exploits: 0, References: 1

Tenable Nessus
added 2025/11/20 12:0 a.m., 3 views

TencentOS Server 4: file (TSSA-2024:0300)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0300 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS 5.5, AI score 7.1, EPSS 0.00023
Exploits: 1, References: 2

Tenable Nessus
added 2025/11/20 12:0 a.m., 4 views

TencentOS Server 3: vim (TSSA-2022:0126)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0126 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 7.8, AI score 7.4, EPSS 0.01534
Exploits: 2, References: 3

Cvelist
added 2025/11/19 6:46 a.m., 3 views

CVE-2025-12056 Out-of-bounds Read in Shelly Pro 3EM

Out-of-bounds Read in Shelly Pro 3EM before v1.4.4 allows Overread Buffers...

CVSS 8.3, EPSS 0.00025
Exploits: 0, References: 2

Tenable Nessus
added 2025/11/18 12:0 a.m., 4 views

FreeBSD : OpenVPN -- avoid buffer overread parsing routes or endpoints (50a0c266-c3ff-11f0-b513-0da7be77c170)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 50a0c266-c3ff-11f0-b513-0da7be77c170 advisory. Mikhail Khachaiants reports: socket: reject mismatched address family in get_addr_generic. Add a family...

CVSS 9.1, AI score 8.2, EPSS 0.00083
Exploits: 0, References: 3

Tenable Nessus
added 2025/11/18 12:0 a.m., 3 views

Mozilla Firefox ESR < 78.7.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 78.7.1. It is, therefore, affected by a vulnerability as referenced in the mfsa2021-06 advisory. - In the Angle graphics library, depth pitch computations did not take into account the block size and simply...

CVSS 6.5, AI score 7, EPSS 0.00195
Exploits: 0, References: 2

Microsoft CVE
added 2025/11/14 9:1 a.m., 1 view

ext4: avoid potential buffer over-read in parse_apply_sb_mount_options()

...

CVSS 7.8, AI score 7, EPSS 0.00066
Exploits: 0

SUSE CVE
added 2025/11/14 12:23 a.m., 3 views

SUSE CVE-2025-40198

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure s_mount_opts is NUL terminated. Harden parse_apply_sb_mount_options() by treating s_mount_opts ...

CVSS 5.5, AI score 6.8, EPSS 0.00066
Exploits: 0, References: 22

EUVD
added 2025/11/13 12:30 a.m., 3 views

EUVD-2025-150376

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure s_mount_opts is NUL terminated. Harden parse_apply_sb_mount_options() by treating s_mount_opts ...

AI score 6.1, EPSS 0.00066
Exploits: 0, References: 8

Tenable Nessus
added 2025/11/13 12:0 a.m., 3 views

Siemens SIMATIC S7-1500 Buffer Over-read (CVE-2024-34459)

An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. This plugin only works with Tenable.ot. Please visit...

CVSS 7.5, AI score 6.8, EPSS 0.04197
Exploits: 1, References: 3

Zero Day Initiative
added 2025/11/13 12:0 a.m., 3 views

Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists...

CVSS 3.3, AI score 5.9, EPSS 0.00025
Exploits: 0, References: 1

Tenable Nessus
added 2025/11/13 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-40198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure s_mount_opts is NU...

AI score 5.9, EPSS 0.00066
Exploits: 0, References: 3

Tenable Nessus
added 2025/11/13 12:0 a.m., 3 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2017-9050)

libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. This plugin only wor...

CVSS 7.5, AI score 6.8, EPSS 0.00313
Exploits: 2, References: 4

Zero Day Initiative
added 2025/11/13 12:0 a.m., 3 views

Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists...

CVSS 3.3, AI score 5.9, EPSS 0.00025
Exploits: 0, References: 1

Tenable Nessus
added 2025/11/13 12:0 a.m., 2 views

Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2019-17595)

There is a heap-based buffer over-read in the fmt_entry function in tinfo/comp_hash.c in the terminfo library in ncurses before 6.1-20191012. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

CVSS 5.8, AI score 6.8, EPSS 0.00086
Exploits: 1, References: 4

Zero Day Initiative
added 2025/11/13 12:0 a.m., 3 views

Adobe USD-Fileformat-plugins usdGltf Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe USD-Fileformat-plugins. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists...

CVSS 3.3, AI score 5.9, EPSS 0.00025
Exploits: 0, References: 1

NVD
added 2025/11/12 10:15 p.m., 2 views

CVE-2025-40198

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure s_mount_opts is NUL terminated. Harden parse_apply_sb_mount_options() by treating s_mount_opts ...

EPSS 0.00066
Exploits: 0, References: 7

OSV
added 2025/11/12 10:15 p.m., 1 view

DEBIAN-CVE-2025-40198

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure s_mount_opts is NUL terminated. Harden parse_apply_sb_mount_options() by treating s_mount_opts ...

AI score 5.4, EPSS 0.00066
Exploits: 0, References: 1

OSV
added 2025/11/12 10:15 p.m., 4 views

AZL-70067 CVE-2025-40198 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure s_mount_opts is NUL terminated. Harden parse_apply_sb_mount_options() by treating s_mount_opts ...

AI score 5.8, EPSS 0.00066
Exploits: 0, References: 1