5784 matches found

Positive Technologies
added 2025/10/29 12:0 a.m., 2 views

PT-2025-44321

Name of the Vulnerable Software and Affected Versions: Wazuh versions prior to 4.10.2. Description: Wazuh, a platform for threat prevention, detection, and response, contains a flaw where a buffer over-read can occur in the DecodeWinevt function. This happens when accessing child attrp-attributesj d...

CVSS 7.5, AI score 6.6, EPSS 0.0006
Exploits: 1, References: 7
CNNVD
added 2025/10/29 12:0 a.m., 3 views

Wazuh security vulnerability

Wazuh is an open source application from Wazuh. It is used to collect, aggregate, index and analyze security data to help organizations detect intrusions, threats and behavioral anomalies. A security vulnerability exists in Wazuh versions prior to 4.12.0, which stems from the failure to properly...

CVSS 7.5, AI score 6.5, EPSS 0.00066
Exploits: 1, References: 2
Positive Technologies
added 2025/10/29 12:0 a.m., 2 views

PT-2025-44326

Name of the Vulnerable Software and Affected Versions: Wazuh versions prior to 4.12.0. Description: Wazuh, a free and open source platform for threat prevention, detection, and response, contains a flaw where a buffer over-read can occur in the w_expression_match function. This happens when strlen i...

CVSS 7.5, AI score 6.7, EPSS 0.00066
Exploits: 1, References: 6
IBM Security Bulletins
added 2025/10/28 4:41 p.m., 8 views

Security Bulletin: Allocation of resources without limits, heap-buffer-overread, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary: IBM Storage Defender - Resiliency service is vulnerable to allocation of resources without limits, heap-buffer-overread, and others. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2025-32988. DESCRIPTION: A flaw was found in GnuTLS. A double-free vulnerability...

CVSS 9.8, AI score 7.6, EPSS 0.0034
Exploits: 1, Affected Software: 1
OSV
added 2025/10/27 3:1 p.m., 3 views

CLSA-2025-1761577285 Fix of 5 CVEs

SECURITY UPDATE: out-of-bounds access
- debian/patches/CVE-2017-9118.patch: fix out of bounds access in php_pcre_replace_impl
- CVE-2017-9118
SECURITY UPDATE: improper validation of HTTP_REDIRECT_STATUS variable in CGI binary
- debian/patches/CVE-2024-8927.patch: fix Apache server name check; remove...

CVSS 8.2, AI score 7.2, EPSS 0.01153
Exploits: 4, References: 1
Zero Day Initiative
added 2025/10/27 12:0 a.m., 2 views

Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

CVSS 6, AI score 6.3, EPSS 0.00021
Exploits: 0, References: 1
Mageia
added 2025/10/22 8:7 p.m., 3 views

Updated nginx package fixes security vulnerability

It was discovered that nginx contains a security issue in the ngx_mail_smtp_module which might allow an attacker to cause buffer over-read potentially resulting in sensitive information leak in a HTTP request to the authentication server (CVE-2025-53859)...

CVSS 6.3, AI score 7, EPSS 0.00056
Exploits: 0, References: 2
OSV
added 2025/10/22 8:7 p.m., 2 views

MGASA-2025-0245 Updated nginx package fixes security vulnerability

It was discovered that nginx contains a security issue in the ngx_mail_smtp_module which might allow an attacker to cause buffer over-read potentially resulting in sensitive information leak in a HTTP request to the authentication server (CVE-2025-53859)...

CVSS 6.3, AI score 6.8, EPSS 0.00056
Exploits: 0, References: 3
Tenable Nessus
added 2025/10/22 12:0 a.m., 3 views

TencentOS Server 3: php:8.2 (TSSA-2025:0824)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0824 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 9.8, AI score 7.8, EPSS 0.01153
Exploits: 5, References: 9
Tenable Nessus
added 2025/10/22 12:0 a.m., 4 views

FreeBSD : Mongodb -- Use-after-free in the MongoDB (cdf2abf7-ae83-11f0-b5fb-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cdf2abf7-ae83-11f0-b5fb-b42e991fc52e advisory. [email protected] reports: An authorized user may crash the MongoDB server by causing buffer over-read...

CVSS 6.5, AI score 7.6, EPSS 0.00071
Exploits: 0, References: 3
RedhatCVE
added 2025/10/21 6:33 p.m., 8 views

CVE-2025-11979

An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...

CVSS 6.5, AI score 7, EPSS 0.00071
Exploits: 0, References: 1
Positive Technologies
added 2025/10/21 12:0 a.m., 2 views

PT-2025-46755

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the ext4 filesystem implementation within the Linux kernel. Specifically, the parse_apply_sb_mount_options function may experience a buffer over-read due to insufficient...

CVSS 4.6, AI score 6.9, EPSS 0.00066
Exploits: 0
NVD
added 2025/10/20 6:15 p.m., 1 view

CVE-2025-11979

An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...

CVSS 6.5, EPSS 0.00071
Exploits: 0, References: 1
OSV
added 2025/10/20 6:15 p.m., 2 views

CVE-2025-11979

An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...

CVSS 6.5, AI score 7
Exploits: 0, References: 1
OSV
added 2025/10/20 6:15 p.m., 0 views

UBUNTU-CVE-2025-11979

An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...

CVSS 6.5, AI score 7.2, EPSS 0.00071
Exploits: 0, References: 3
EUVD
added 2025/10/20 5:47 p.m., 3 views

EUVD-2025-35086

An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions. This issue affects MongoDB Server v7.0 versions prior to 7.0.25, MongoDB Server v8.0 versions prior to 8.0.15, and MongoD...

CVSS 5.3, AI score 6.5, EPSS 0.00071
Exploits: 0, References: 2
FreeBSD
added 2025/10/20 12:0 a.m., 5 views

Mongodb -- Use-after-free in the MongoDB

[email protected] reports: An authorized user may crash the MongoDB server by causing buffer over-read. This can be done by issuing a DDL operation while queries are being issued, under some conditions...

CVSS 6.5, AI score 7.2, EPSS 0.00071
Exploits: 0, References: 1
VulnCheck KEV
added 2025/10/20 12:0 a.m., 4 views

VulnCheck KEV: CVE-2019-6443

An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd...

CVSS 9.1, AI score 6.1, EPSS 0.47167
In wild, Exploits: 5, References: 2
CNNVD
added 2025/10/20 12:0 a.m., 2 views

MongoDB Server security vulnerability

MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions 7.0 up to and including 7.0.25, 8.0 up...

CVSS 6.5, AI score 6.5, EPSS 0.00071
Exploits: 0, References: 2
OSV
added 2025/10/19 7:8 p.m., 2 views

JLSEC-2025-132 FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demons...

FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component...

CVSS 7.8, AI score 7.1, EPSS 0.00047
Exploits: 1, References: 11