EUVD-2023-58451

Malicious code in bioql PyPI...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ffmpeg (SUSE-SU-2025:1450-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1450-1 advisory. - CVE-2025-22921: Clear array length when freeing it. bsc1237382 - CVE-2025-0518: Fix memory dat...

Linux Distros Unpatched Vulnerability : CVE-2019-12360

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted...

CVE-2025-0518

CVE-2025-0518 affects FFmpeg 7.1 and is due to an unchecked return value causing an out-of-bounds read in libavfilter/af_pan.C. The issue is addressed by the FFmpeg commit b5b6391d64807578ab872dc58fb8aa621dcfc38a, which provides the fix. Discovery credited to Simcha Kosman. Public references in c...

CVE-2025-0518 Unchecked sscanf return value which leads to memory data leak

Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/afpan.C . This issue affects FFmpeg: 7.1. Issue was fixed: ...

llama.cpp Global Buffer Overflow Vulnerability

llama.cpp is a multimodal model. A global buffer overflow vulnerability exists in llama.cpp, which can be exploited by an attacker to cause a memory data leak...

grub2: out-of-bounds read at fs/ntfs.c

An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to...

Amazon Linux 2 : thunderbird (ALAS-2024-2379)

The version of thunderbird installed on the remote host is prior to 115.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2379 advisory. On some systems--depending on the graphics settings and drivers--it was possible to force an out-of-bounds read and...

Mozilla: Out-of-bound memory access in WebGL2 blitFramebuffer

The Mozilla Foundation Security Advisory describes this flaw as: On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element...

RHEL 9 : firefox (RHSA-2023:7510)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7510 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Mozilla Firefox < 115.5

The version of Firefox installed on the remote Windows host is prior to 115.5. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-50 advisory. - On some systemsdepending on the graphics settings and driversit was possible to force an out-of-bounds read and leak...

Medium: libssh2

Issue Overview: An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the libssh2packetrequire and libssh2packetrequirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory. CVE-2019-3859 An out of...

Vulnerability fixed in AMD processors

AMD has fixed a vulnerability with reference CVE-2021-26401 for the Ryzen and Athlon processors. This vulnerability has the same cause as the vulnerability known as Spectre, with attribute CVE-2017-5717. This vulnerability allows a malicious party to obtain sensitive data from the memory of a loc...

MGASA-2020-0291 Updated xpdf packages fix security vulnerability

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...

Stack overflow

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...

Adobe Acrobat/Reader Memory Disclosure Vulnerability (CNVD-2015-06748)

Adobe Reader/Acrobat is a popular application for working with PDF files. A memory disclosure vulnerability exists in Adobe Reader/Acrobat. An attacker is allowed to construct a malicious PDF file and trick the user into parsing it, which can obtain sensitive memory information...

OpenSSL Heartbeat (Heartbleed) Information Leak

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Auxiliary include Msf::Exploit::Remote::Tcp include Msf::Auxiliary::Scanner include Msf::Auxiliary::Report CIPHERSUITES = 0xc014,...

Microsoft Security Bulletin MS03-034: Flaw in NetBIOS Could Lead to Information Disclosure &#40;Q824105&#41;

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in NetBIOS Could Lead to Information Disclosure 824105 Date: 03 September 2003 Software: - Microsoft Windows NT 4.0 Server - Microsoft Windows NT 4.0, Terminal Server Edition -...

Linux ICMP information leak

Because of invalid size calculation for SMTP packet with error code, it contains data from memory...