1315 matches found

OSV
added 2025/04/08 6:15 p.m. · 0 views

CVE-2025-27186

After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

5.5 CVSS · 5.8 AI score · 0.00038 EPSS
Exploits 0 · References 1

Hacker One
added 2025/03/17 7:46 p.m. · 5 views

Nintendo: Splatoon 3 Anticheat Seed Randomization Weakness

A weakness in the anticheat seed randomization implementation of Splatoon 3 was discovered. The vulnerability allowed the predictability of the seed used for anticheat checks, potentially undermining the intended security measures...

5.9 AI score
Exploits 0

OSV
added 2025/03/11 9:15 p.m. · 1 views

CVE-2025-27180

Substance3D - Modeler versions 1.15.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a...

5.5 CVSS · 5.8 AI score · 0.00027 EPSS
Exploits 0 · References 1

OSV
added 2025/03/11 6:15 p.m. · 0 views

CVE-2025-27163

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires...

5.5 CVSS · 7.1 AI score · 0.00055 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2025/03/04 12:0 a.m. · 8 views

Linux Distros Unpatched Vulnerability : CVE-2015-1593

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations...

5 CVSS · 6.5 AI score · 0.01966 EPSS
Exploits 1 · References 3

Packet Storm
added 2025/02/14 12:0 a.m. · 344 views

Using Valgrind on Chrome

Brief script that demonstrates running valgrind and afl-fuzz on Google Chrome. This favorite code for security auditing and memory leak detection with Valgrind runs the Valgrind tool and several other tools to check for memory leaks, which can lead to resource buffer overflows and more. Exploit /...

7.3 AI score
Exploits 0

OSV
added 2025/02/11 5:15 p.m. · 0 views

CVE-2025-21124

InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

5.5 CVSS · 5.8 AI score · 0.00025 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/02/04 10:52 p.m. · 8 views

CVE-2024-26001

An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...

9.8 CVSS · 7.1 AI score · 0.00373 EPSS
Exploits 0 · References 1

OSV
added 2025/02/03 9:17 a.m. · 2 views

SUSE-SU-2025:20103-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2024-52616: Properly randomize query id of DNS packets bsc1233420. Bug fixes: - No longer supply bogus services to callbacks bsc1226586. - Tag hardening patches as PATCH-FEATURE-OPENSUSE - Remove dependency on /usr/bin/python3 using...

5.3 CVSS · 7.1 AI score · 0.00083 EPSS
Exploits 0 · References 5

NVD
added 2025/01/17 11:15 p.m. · 12 views

CVE-2018-9434

In multiple functions of Parcel.cpp, there is a possible way to bypass address space layout randomization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8 CVSS · 0.00004 EPSS
Exploits 1 · References 1

Cvelist
added 2025/01/17 11:11 p.m. · 7 views

CVE-2018-9434

In multiple functions of Parcel.cpp, there is a possible way to bypass address space layout randomization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00004 EPSS
Exploits 1 · References 1

SUSE Linux
added 2025/01/17 4:9 p.m. · 2 views

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. bsc1234102 CVE-2024-12087: arbitrary file...

8.8 CVSS · 7.4 AI score · 0.1902 EPSS
Exploits 4 · References 22

Positive Technologies
added 2025/01/17 12:0 a.m. · 3 views

PT-2025-1343 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to multiple functions in Parcel.cpp, where it is possible to bypass address space layout randomization. This could lead to a local...

7.8 CVSS · 7.5 AI score · 0.00004 EPSS
Exploits 1 · References 4

SUSE Linux
added 2025/01/15 9:8 a.m. · 1 views

Security update for rsync

This update for rsync fixes the following issues: CVE-2024-12084: heap buffer overflow in checksum parsing. bsc1234100 CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. bsc1234101 CVE-2024-12086: leak of a client machine's file contents through the...

9.8 CVSS · 7.7 AI score · 0.1902 EPSS
Exploits 8 · References 20

NVD
added 2025/01/02 5:15 a.m. · 13 views

CVE-2024-56830

The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand if no strong randomization module is present...

5.4 CVSS · 0.00231 EPSS
Exploits 0 · References 3

OSV
added 2025/01/02 5:15 a.m. · 10 views

CVE-2024-56830

The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand if no strong randomization module is present...

5.4 CVSS · 6.8 AI score
Exploits 0 · References 3

Vulnrichment
added 2025/01/02 12:0 a.m. · 11 views

CVE-2024-56830

The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand if no strong randomization module is present...

5.4 CVSS · 7.2 AI score · 0.00231 EPSS
Exploits 0 · References 2

Cvelist
added 2025/01/02 12:0 a.m. · 17 views

CVE-2024-56830

The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand if no strong randomization module is present...

5.4 CVSS · 0.00231 EPSS
Exploits 0 · References 2

Positive Technologies
added 2025/01/02 12:0 a.m. · 1 views

PT-2025-3340 · Unknown +1 · Net::Easytcp +1

Name of the Vulnerable Software and Affected Versions: Net::EasyTCP versions 0.15 through 0.26 Description: The issue arises because the Net::EasyTCP package for Perl utilizes Perl's built-in rand function when no strong randomization module is present. This can lead to insecure randomization...

5.4 CVSS · 5.3 AI score · 0.00231 EPSS
Exploits 0 · References 18

CVE
added 2025/01/02 12:0 a.m. · 55 views

CVE-2024-56830

The CVE-2024-56830 issue affects the Net::EasyTCP Perl module (libnet-easytcp-perl) versions 0.15–0.26. The root cause is fallback to Perl’s insecure rand() when Crypt::Random isn’t available, risking weak randomness. Debian/OSV/NASL references confirm a fix: upgrade to Debian 11 bullseye package...

5.4 CVSS · 7 AI score · 0.00231 EPSS
Exploits 0 · References 3