
2506 matches found

Positive Technologies
added 2022/07/19 12:0 a.m. | 6 views

PT-2025-53960

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s drm/virtio subsystem. The issue involves a missing check to ensure that transferred 2D buffer objects (BO) are shared memory (shmem) objects. If a userspa...

7.8 CVSS | 6.1 AI score | 0.00465 EPSS
Exploits 2 | References 903

BDU FSTEC
added 2022/07/18 12:0 a.m. | 4 views

The vulnerability of Adobe InCopy, a text creation and editing software, relates to reading data outside the buffer in memory. This allows an attacker to gain unauthorized access to protected information.

The vulnerability of the Adobe InCopy text creation and editing software is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5 CVSS | 6.3 AI score | 0.00337 EPSS
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2022/07/18 12:0 a.m. | 5 views

The vulnerability of Adobe InDesign’s computer design automation tool, related to reading data outside the buffer in memory, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5 CVSS | 6.7 AI score | 0.00354 EPSS
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2022/07/18 12:0 a.m. | 6 views

The vulnerability of the Adobe InCopy text creation and editing software lies in buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of the Adobe InCopy text creation and editing software is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

7.8 CVSS | 8 AI score | 0.00463 EPSS
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2022/07/18 12:0 a.m. | 6 views

The vulnerability of the remote connection function of the firmware for Lenovo ThinkSystem storage servers, Lenovo ThinkStation workstations, and Lenovo ThinkEdge industrial computers, as well as the Lenovo ThinkAgile software/hardware system, allows attackers to increase their privileges.

The vulnerability of the Remote Presence subsystem of the firmware for Lenovo ThinkSystem servers, Lenovo ThinkStation workstations, Lenovo ThinkEdge industrial computers, and the Lenovo ThinkAgile software/hardware system lies in the fact that the operation data is stored outsid...

10 CVSS | 5.7 AI score | 0.00414 EPSS
Exploits 0 | References 2 | Affected Software 32

BDU FSTEC
added 2022/07/18 12:0 a.m. | 5 views

The vulnerability of the Remote Presence subsystem of the firmware used in Lenovo ThinkSystem servers, Lenovo ThinkStation workstations, and Lenovo ThinkEdge industrial computers allows an attacker to cause a service failure.

The vulnerability of the Remote Presence subsystem of the firmware for Lenovo ThinkSystem servers, Lenovo ThinkStation workstations, Lenovo ThinkEdge industrial computers, and the Lenovo ThinkAgile software/hardware system lies in the fact that the operation data is stored outsid...

7.8 CVSS | 6.8 AI score | 0.00631 EPSS
Exploits 0 | References 2 | Affected Software 32

CVE
added 2022/07/13 9:11 p.m. | 68 views

CVE-2022-34764

CVE-2022-34764 describes a CWE-119 vulnerability (improper restriction of operations within the bounds of a memory buffer) that could cause a denial of service when parsing URLs. Affected Schneider Electric devices include the X80 advanced RTU Communication Module BMENOR2200H (V1.0) and the OPC U...

7.5 CVSS | 7.4 AI score | 0.0059 EPSS
Exploits 0 | References 1 | Affected Software 1

BDU FSTEC
added 2022/07/13 12:0 a.m. | 4 views

The vulnerability of the mount.cifs component of the CIFS file system mounting utility package cifs-utils in Linux operating systems allows a hacker to increase their privileges.

The vulnerability of the mount.cifs component in the Linux CIFS file system mounting utility package, cifs-utils, is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8 CVSS | 6.7 AI score | 0.01804 EPSS
Exploits 0 | References 14 | Affected Software 13

BDU FSTEC
added 2022/07/13 12:0 a.m. | 4 views

The vulnerability of TCP modules in the Rsyslog log-processing utility allows a hacker to execute arbitrary code.

The vulnerability of TCP modules in the Rsyslog log-processing software lies in writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.1 CVSS | 7.3 AI score | 0.03553 EPSS
Exploits 0 | References 18 | Affected Software 11

BDU FSTEC
added 2022/07/13 12:0 a.m. | 3 views

The vulnerability of the nftable filter and classification subsystem in the Linux operating system allows a hacker to elevate their privileges to the root level.

The vulnerability of the nftable filter and classification subsystem in the Linux operating system is related to writing beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level...

7 CVSS | 6.8 AI score
Exploits 1 | References 29 | Affected Software 6

ICS
added 2022/07/12 12:0 a.m. | 72 views

Siemens PADS Standard/Plus Viewer

1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low attack complexity
Vendor: Siemens
Equipment: PADS Standard/Plus Viewer
Vulnerabilities: Out-of-bounds Read, Out-of-bounds Write, Improper Restriction of Operations within the Bounds of a Memory Buffer
2. RISK EVALUATION
Successful exploitations of...

7.8 CVSS | 7.4 AI score | 0.01163 EPSS
Exploits 0 | References 11

ICS
added 2022/07/12 12:0 a.m. | 55 views

Siemens EN100 Ethernet Module

1. EXECUTIVE SUMMARY
CVSS v3 8.6
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: EN100 Ethernet Module
Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer.
2. RISK EVALUATION
Successful exploitation of this vulnerability could...

7.5 CVSS | 8 AI score | 0.01161 EPSS
Exploits 0 | References 11

BDU FSTEC
added 2022/07/06 12:0 a.m. | 5 views

The vulnerability in the implementation of the util.printf() function allows attackers to execute arbitrary code in PDF viewer and editor applications like Adobe Reader and Adobe Acrobat.

The vulnerability of the util.printf function in PDF viewing and editing applications like Adobe Reader and Adobe Acrobat arises from the execution of operations outside of the buffer in memory, due to improper parameter checking. Exploiting this vulnerability allows a malicious actor to execute...

9.6 CVSS | 8.4 AI score | 0.98463 EPSS
Exploits 19 | References 26 | Affected Software 4

BDU FSTEC
added 2022/07/04 12:0 a.m. | 4 views

The vulnerability of the Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort functions in the MariaDB database management system allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Exec_time_tracker::get_loops/Filesort_tracker::report_use/filesort functions in the MariaDB database management system is related to the execution of operations beyond the buffer limits in memory. Exploiting this vulnerability could allow a malicious actor to compromise the...

7.5 CVSS | 7.8 AI score | 0.01425 EPSS
Exploits 1 | References 7 | Affected Software 4

BDU FSTEC
added 2022/07/04 12:0 a.m. | 4 views

The vulnerability of the `prepare_inplace_add_virtual` function in the MariaDB database management system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the `prepare_inplace_add_virtual` function in the MariaDB database management system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibili...

7.5 CVSS | 7.8 AI score | 0.01558 EPSS
Exploits 1 | References 4 | Affected Software 2

BDU FSTEC
added 2022/07/04 12:0 a.m. | 7 views

The vulnerability of the st_select_lex_unit::exclude_level function in the MariaDB database management system allows an attacker to compromise the accessibility of protected information.

The vulnerability of the st_select_lex_unit::exclude_level function in the MariaDB database management system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to compromise the accessibility of protected information...

5.3 CVSS | 7.8 AI score | 0.01558 EPSS
Exploits 1 | References 5 | Affected Software 2

BDU FSTEC
added 2022/07/01 12:0 a.m. | 4 views

The vulnerability of Firefox browsers, Firefox ESR, and the Thunderbird email client relates to the execution of operations beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Firefox browsers, Firefox ESR, and the email client Thunderbird is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.6 CVSS | 7.7 AI score | 0.01064 EPSS
Exploits 1 | References 12 | Affected Software 7

BDU FSTEC
added 2022/07/01 12:0 a.m. | 5 views

The vulnerability of Firefox browsers, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of Firefox browsers is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.6 CVSS | 6.4 AI score
Exploits 0 | References 2 | Affected Software 2

BDU FSTEC
added 2022/06/29 12:0 a.m. | 3 views

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10 CVSS | 7.8 AI score | 0.41603 EPSS
Exploits 1 | References 9 | Affected Software 2

BDU FSTEC
added 2022/06/29 12:0 a.m. | 5 views

The vulnerability of Adobe Reader and Adobe Acrobat PDF viewer/editor programs, related to the execution of operations beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs like Adobe Reader and Adobe Acrobat lies in the execution of operations beyond the buffer limits in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created PDF file...

9.3 CVSS | 6.8 AI score | 0.32449 EPSS
Exploits 0 | References 18 | Affected Software 3