67 matches found

EUVD
added 2026/03/30 8:36 p.m., 2 views

EUVD-2026-17210

Botan is a C++ cryptography library. From version 2.3.0 to before version 3.11.0, during SM2 decryption, the code that checked the authentication code value C3 failed to check that the encoded value was of the expected length prior to comparison. An invalid ciphertext can cause a heap over-read o...

CVSS 8.2, AI score 5.8, EPSS 0.00063
Exploits 0, References 1
Positive Technologies
added 2026/03/23 12:0 a.m., 5 views

PT-2026-27202

Name of the Vulnerable Software and Affected Versions: NetScaler ADC versions prior to 14.1-60.58; NetScaler Gateway versions prior to 13.1-662.23. Description: Insufficient input validation in NetScaler ADC and NetScaler Gateway, when configured as a SAML Identity Provider (IdP), leads to an...

CVSS 9.8, AI score 7.5, EPSS 0.89787
Exploits 7, References 300
Redos
added 2026/03/06 12:0 a.m., 2 views

ROS-20260306-73-0018

A vulnerability in the regs_get_kernel_stack_nth function of the Linux kernel is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability of protected information...

CVSS 7.1, AI score 6, EPSS 0.00067
Exploits 0
AlpineLinux
added 2026/03/02 7:41 p.m., 1 views

CVE-2026-25884

Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. Prior to version 0.28.8, an out-of-bounds read was found. The vulnerability is in the CRW image parser. This issue has been patched in version 0.28.8...

CVSS 8.1, AI score 5.8, EPSS 0.00063
Exploits 1, References 3
UbuntuCve
added 2026/02/25 8:23 p.m., 2 views

CVE-2026-25941

FreeRDP is a free implementation of the Remote Desktop Protocol. Versions on the 2.x branch prior to 2.11.8 and on the 3.x branch prior to 3.23.0 have an out-of-bounds read vulnerability in the FreeRDP client's RDPGFX channel that allows a malicious RDP server to read uninitialized heap memory...

CVSS 8.1, AI score 5.9, EPSS 0.00116
Exploits 1, References 3
Tenable Nessus
added 2026/01/20 12:0 a.m., 2 views

MiracleLinux 7 : php-5.4.16-48.0.4.el7.AXS7 (AXSA:2024-9432:05)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9432:05 advisory. CVE-2024-11233: fix buffer overflow vulnerability in convert.quoted-printable-decode filter CVEs: CVE-2024-11233 In PHP versions 8.1. before 8.1.31, 8.2...

CVSS 8.2, AI score 6.1, EPSS 0.00728
Exploits 1, References 2
Rosalinux
added 2025/11/10 6:20 a.m., 7 views

Advisory ROSA-SA-2025-3064

Software: libwebp 1.0.0 OS: ROSA Virtualization 2.1 unaffected versions = libwebp-1.0.0.0-10.0.1.rv3 affected versions libwebp-1.0.0.0-10.0.1.rv3 CVE-ID: CVE-2023-4863 BDU-ID: TO600, TO601, TO675, TO797, TO826 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the libwebp library for WebP image...

CVSS 8.8, AI score 9.1, EPSS 0.93301
Exploits 9
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-6353

Malware in sbrugna...

CVSS 7.5, AI score 7.8, EPSS 0.00117
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2014-9797

Malware in sbrugna...

CVSS 10, AI score 9.5, EPSS 0.00206
Exploits 0, References 3
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-6388

Malware in sbrugna...

CVSS 10, AI score 9.5, EPSS 0.00252
Exploits 0, References 2
Tenable Nessus
added 2025/10/01 12:0 a.m., 2 views

FreeBSD : LibreSSL -- overwrite and -read vulnerability (699ef80f-9e91-11f0-bc5f-8447094a420f)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 699ef80f-9e91-11f0-bc5f-8447094a420f advisory. The LibreSSL project reports: An incorrect length check can result in a 4-byte overwrite and an 8-byte...

CVSS 7.5, AI score 6.5, EPSS 0.00041
Exploits 0, References 3
Tenable Nessus
added 2025/08/25 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2018-10733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of...

CVSS 6.5, AI score 6.8, EPSS 0.00799
Exploits 1, References 2
Tenable Nessus
added 2025/08/25 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-6956

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. It is a buffer over-read in ps_mix_phase in libfaad/ps_dec.c. CVE-2019-6956 Note that...

CVSS 7.1, AI score 7.3, EPSS 0.00339
Exploits 1, References 2
Vulnrichment
added 2025/08/12 2:50 p.m., 2 views

CVE-2025-5456

A buffer over-read vulnerability in Ivanti Connect Secure before 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 2.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 (Fix deployed on 02-Aug-2025) allows a remote unauthenticated attacker to trigger a...

CVSS 7.5, AI score 7.5, EPSS 0.00637
Exploits 0, References 1
BDU FSTEC
added 2025/07/14 12:0 a.m., 1 views

The vulnerability of the Adobe Substance 3D Viewer application, which allows for the reading beyond the buffer in memory, enables attackers to disclose protected information.

The vulnerability of the Adobe Substance 3D Viewer application for viewing and editing 3D files is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to disclose protected information using a specially created file...

CVSS 5.5, EPSS 0.00298
Exploits 0, References 2, Affected Software 1
OSV
added 2025/07/10 8:15 a.m., 4 views

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVSS 5.3, AI score 5.5, EPSS 0.00113
Exploits 0, References 10
RedhatCVE
added 2025/05/23 12:36 a.m., 8 views

CVE-2022-40518

Information disclosure due to buffer overread in Core...

CVSS 6.8, AI score 7, EPSS 0.00102
Exploits 0, References 1
Oracle linux
added 2024/12/10 12:0 a.m., 21 views

ruby security update

3.0.7-163 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: rbhz2322153 3.0.7-162 - Upgrade to Ruby 3.0.7. Resolves: RHEL-35740 - Fix HTTP response splitting in CGI. Resolves: RHEL-35741 - Fix ReDoS vulnerability in URI. Resolves: RHEL-35742 - Fix ReDoS vulnerability in Time. Resolves:...

CVSS 6.6, AI score 7.5, EPSS 0.01645
Exploits 0
BDU FSTEC
added 2024/11/26 12:0 a.m., 1 views

The vulnerabilities of the 3D viewing tool JT, JT2Go, the Product Lifecycle Management system Teamcenter Visualization, and the 3D geometric modeling tool Parasolid allow a perpetrator to execute arbitrary code.

The vulnerability of the 3D viewing tool JT, JT2Go, the product lifecycle management system Teamcenter Visualization, and the 3D geometric modeling tool Parasolid relates to reading data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using...

CVSS 7.8, EPSS 0.00092
Exploits 0, References 5, Affected Software 3
BDU FSTEC
added 2024/11/14 12:0 a.m., 1 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user, using a specially created file...

CVSS 7.8, EPSS 0.00201
Exploits 0, References 2, Affected Software 1