The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 lies in the ability to write outside the buffer, allowing attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Acrobat DC, Acrobat Reader DC, Acrobat 2024, Acrobat 2020, and Acrobat Reader 2020 is related to writing beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially...

The vulnerability of the cv_upgrade_sensor_firmware() function in the Dell ControlVault3 security driver package allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cvupgradesensorfirmware function in the Dell ControlVault3 security driver suite is related to writing beyond buffer boundaries. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

The vulnerability of the SYSTEM FTP-server command of the PCMan FTP Server allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the SYSTEM FTP-server command of the PCMan FTP Server lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...

The vulnerability of the g_string_insert_unichar() function in the glib/gstring.c file of the Glib library allows a hacker to execute arbitrary code.

The vulnerability of the gstringinsertunichar function in the glib/gstring.c file of the Glib library is related to a violation of the buffer boundary. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the Cisco AnyConnect VPN server in the microprogramming software for Cisco Meraki MX and Cisco Meraki Z teleworkers allows a hacker to cause a service outage.

The vulnerability of the Cisco AnyConnect VPN server in the microprogramming software for Cisco Meraki MX and Cisco Meraki Z teleworkers relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending...

The vulnerability of the PLS FTP-server command in the PCMan FTP Server allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the PLS FTP-server’s command line interface is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...

The vulnerability of the Storage Management Provider component in Windows operating systems allows attackers to disclose sensitive information that is protected by this component’s security measures.

The vulnerability of the Storage Management Provider component in Windows operating systems is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by security measures...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues. We have performed updates to the Operators used by our Speech Services. The following vulnerabilities have been addressed in this update. Please read the details for remediation below. Vulnerability...

SUSE CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

DEBIAN-CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

AZL-64055 CVE-2025-38068 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

UBUNTU-CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068 crypto: lzo - Fix compression buffer overrun

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

CVE-2025-38068

CVE-2025-38068: In the Linux kernel, the crypto/lzo path fixed a compression buffer overrun by adding a safe compression interface that checks the end of the output buffer before each write and using it in crypto/lzo. This corrects a prior assumption that the caller always provided sufficient buf...

CVE-2025-38068 crypto: lzo - Fix compression buffer overrun

In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpudm initialization when the number of links is greater than maxlinks. Reason The Coverity report indicates an OVERRUN warning. There are only maxlinks elements within dc-links. The number of links can...