5957 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-20194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2...
Linux Distros Unpatched Vulnerability : CVE-2018-19502
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.1. There was a heap-based buffer overflow in the function excludedchannels in...
Linux Distros Unpatched Vulnerability : CVE-2019-15691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-return, which occurs due to incorrect usage of stack memory in ZRLEDecoder. If decoding routin...
ROS-20250827-02
A vulnerability in the command line utility for converting PDF documents QPDF is related to a heap buffer overflow in PlASCII85Decoder::write heap buffer overflow in PlASCII85Decoder::write. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...
CVE-2025-0081
In dnglosslessdecoder::HuffDecode of dnglosslessjpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-0081
CVE-2025-0081 concerns Android where the vulnerability is in dng_lossless_decoder::HuffDecode within dng_lossless_jpeg.cpp. The issue stems from uninitialized data in Huffman decoding, which can crash the process and cause remote denial of service without extra privileges and without user interac...
Linux Distros Unpatched Vulnerability : CVE-2021-39516
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function HuffmanDecoder::Get located in huffmandecoder.hpp. It allo...
Linux Distros Unpatched Vulnerability : CVE-2019-15692
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow. Vulnerability could be triggered from CopyRectDecoder due to incorrect value checks...
Linux Distros Unpatched Vulnerability : CVE-2018-20199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference was discovered in ifilterbank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a...
Linux Distros Unpatched Vulnerability : CVE-2016-9812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gstmpegtssectionnew function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service out-of-bounds read via a...
Linux Distros Unpatched Vulnerability : CVE-2018-19503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.1. There was a stack-based buffer overflow in the function calculategain in...
Linux Distros Unpatched Vulnerability : CVE-2018-20359
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbrdec.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8...
Remote Code Execution (RCE)
Overview picklescan is a Security scanner detecting Python Pickle files performing suspicious actions Affected versions of this package are vulnerable to Remote Code Execution RCE due to using torch.utils.data.datapipes.utils.decoder.basichandlers function. An attacker can execute arbitrary code ...
Picklescan missing detection when calling pytorch function torch.utils.data.datapipes.utils.decoder.basichandlers
Summary Using torch.utils.data.datapipes.utils.decoder.basichandlers function, which is a pytorch library function to execute remote pickle file. Details The attack payload executes in the following steps: First, the attacker craft the payload by calling to...
ROS-20250822-11
A vulnerability in the HPACK decoder of Golang programming is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting locally to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2022-24823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains a...
Linux Distros Unpatched Vulnerability : CVE-2022-39244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and...
Linux Distros Unpatched Vulnerability : CVE-2021-37137
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable...
Linux Distros Unpatched Vulnerability : CVE-2021-37136
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during...
Linux Distros Unpatched Vulnerability : CVE-2025-2310
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. Th...