CVE-2026-23554

CVE-2026-23554 covers a use-after-free in the Intel EPT paging code where deferred flushing of cached EPT state can leave freed paging structures briefly cached. The issue affects Xen hypervisor components (as reported in multiple distro advisories) and can allow a local attacker to access memory...

EUVD-2015-2825

Malware in sbrugna...

Out-of-Bounds-Read

libassimp.so is vulnerable to an out-of-bounds read. The vulnerability is due to insufficient bounds checking in the MDLImporter::ParseSkinLump3DGSMDL7 function when parsing 3DGS MDL7 skin lumps, allowing a local attacker to read unintended memory...

The ap_rwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using aprwrite or aprputs, such as with modluas r:puts function. Modules compiled and distributed separately from Apache HTTP Server that use t...

CVE-2022-41318

A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a...

Oracle Linux 8 : httpd:2.4 (ELSA-2022-7647)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7647 advisory. - Resolves: 2097015 - CVE-2022-28614 httpd:2.4/httpd: out-of-bounds read via aprwrite - Resolves: 2097031 - CVE-2022-28615 httpd:2.4/httpd: out-of-boun...

CVE-2022-42327

CVE-2022-42327 concerns the Xen hypervisor. On Intel systems that support the “virtualize APIC accesses” feature, a guest can read and write the global shared xAPIC page by moving the local APIC out of xAPIC mode, bypassing isolation between guests. The vulnerability is classified with CVSS‑3.1: ...

CVE-2022-28614

The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using aprwrite or aprputs, such as with modluas r:puts function. Modules compiled and distributed separately from Apache HTTP Server that use t...

CVE-2021-1923

Incorrect pointer argument passed to trusted application TA could result in un-intended memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT...

Adobe Acrobat and Reader Information Disclosure (APSB17-11: CVE-2017-3046)

An information disclosure vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

CVE-2015-2739

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors...

CVE-2015-2739

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors...

CVE-2015-2739

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors...

CVE-2015-2736

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive...