205 matches found
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A post-release reuse vulnerability exists in versions prior to Mozilla Firefox 127, which can be exploited by an attacker to read memory in the JavaScript string portion of the heap...
CVE-2024-23527
An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory...
OESA-2024-1438 jpegoptim security update
Jpegoptim is an utility to optimize JPEG files. Provides lossless optimization based on optimizing the Huffman tables and "lossy" optimization based on setting maximum quality factor. Security Fixes: JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ...
PT-2024-18744 · Unknown · Libsubextractor.So
Name of the Vulnerable Software and Affected Versions: libsubextractor.so versions prior to SMR Mar-2024 Release 1 Description: The issue is an out of bounds read vulnerability in the ssmis get frm function within libsubextractor.so. This allows local attackers to read out of bounds memory...
CVE-2024-20748
Acrobat Reader versions 20.005.30539, 23.008.20470 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
CVE-2024-20742 Adobe Substance 3D Paint RAS File Parsing Out-Of-Bounds Read Vulnerability
Substance3D - Painter versions 9.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current...
PT-2023-35651 · Git +1 · Libxml2
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free READ 1 crash type. The crash state involves functions such as htmlParseDocument, htmlDoRead, and...
Bread - BIOS Reverse Engineering And Advanced Debugging
BREAD BIOS Reverse Engineering & Advanced Debugging is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code on real HW from another PC via serial cable. Introduction BREAD emerged from many failed attempts to reverse engineer legacy BIOS. Given that the vast majority -- ...
CVE-2023-39616
AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assignframebufferp in av1/common/av1commonint.h...
CVE-2023-3425
Out-of-bounds read issue in M-Files Server versions below 23.8.12892.6 and LTS Service Release Versions before 23.2 LTS SR3 allows unauthenticated user to read restricted amount of bytes from memory...
Moderate: Red Hat Security Advisory: libtar security update
An update for libtar is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
CVE-2023-2222
A vulnerability was found in binutils, where SEGV of objdump caused by READ memory access at concatfilename at dwarf2.c...
CVE-2023-26374 ZDI-CAN-20045: Adobe Dimension USD File Parsing Out-Of-Bounds Read Memory leak Vulnerability
Adobe Dimension version 3.4.8 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...
SUSE CVE-2008-1379
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...
SUSE CVE-2010-3881
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device...
SUSE CVE-2016-7409
The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUGTRACE, allows local users to read process memory via the -v argument, related to a failed remote ident...
SUSE CVE-2018-18710
An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and...
SUSE CVE-2022-32325
JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c...
CVE-2022-40136
An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory...
Lenovo Desktops 缓冲区错误漏洞
Lenovo Desktops Lenovo desktops are desktop computers from Lenovo China. The Lenovo Desktops suffer from a buffer error vulnerability that stems from an information leak in the SMI handler that could allow an attacker with local access and elevated privileges to read SMM memory...