PT-2026-6697

Name of the Vulnerable Software and Affected Versions affected versions not specified Description An issue exists in the communication module that involves reading memory incorrectly. Successful exploitation of this issue may affect system availability. Recommendations At the moment, there is no...

EUVD-2004-0247

Malware in sbrugna...

Out-of-Bounds Read

libassimp.so is vulnerable to Out-of-Bounds Read. The vulnerability is due to improper input validation due to a lack of bounds checking on the pcVerts argument in the MDCImporter::InternReadFile function, which can lead to reading memory outside the allocated buffer...

CVE-2020-5831

Symantec Endpoint Protection Manager SEPM, prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...

CVE-2020-5833

Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program...

CVE-2020-1918

In-memory file operations ie: using fopen on a data URI did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, a...

PT-2025-9889 · Samsung · Samsung Notes

Name of the Vulnerable Software and Affected Versions: Samsung Notes versions prior to 4.4.26.71 Description: The issue is related to an out-of-bounds read in applying extra data of base content. This allows attackers to read out-of-bounds memory. Recommendations: For versions prior to 4.4.26.71,...

CVE-2023-31355

A flaw was found in the AMD firmware. This vulnerability allows a malicious hypervisor to overwrite a guest's UMC seed, potentially enabling the reading of memory from a decommissioned guest via improper restriction of write operations. Mitigation Mitigation for this issue is either not available...

CVE-2023-0286 X.400 address type confusion in X.509 GeneralName

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public structure definition for GENERALNAME incorrectly specified the type of the x400Address field as ASN1TYPE. This field is subsequentl...

CVE-2019-14861

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an issue, where the poorly named dnsserver RPC pipe provides administrative facilities to modify DNS records and zones. Samba, when acting as an AD DC, stores DNS records in LDAP. In AD, the default...

CVE-2006-4006

The dogameinfo function in BomberClone 0.11.6 and earlier, and possibly other functions, does not reset the packet data size, which causes the sendpkg function packets.c to use this data size when sending a reply, and allows remote attackers to read portions of server memory...

CVE-2004-1869

Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier allows remote attackers to cause a denial of service crash by sending a packet that specifies the size for the next packet, then sending a larger packet than specified, which causes Etherlords to read unallocated memory...

CVE-2004-0247

The client and server of Chaser 1.50 and earlier allow remote attackers to cause a denial of service crash via exception via a UDP packet with a length field that is greater than the actual data length, which causes Chaser to read unexpected memory...

Linux kernel sysctl() vulnerability

Hi, OVERVIEW There exists a Linux system call sysctl which is used to query and modify runtime system settings. Unprivileged users are permitted to query the value of many of these settings. The unprivileged user passes in a buffer location and the length of this buffer. Unfortunately, by...