6125 matches found
Important: python3
Issue Overview: An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service...
openSUSE 15 Security Update : netty (SUSE-SU-2022:1271-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1271-1 advisory. - Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol...
UBUNTU-CVE-2022-3341
A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream and triggers the null pointer dereference error, causing an application to crash...
Arbitrary Code Execution
github.com/cloudflare/golz4 is vulnerable to arbitrary code execution. The vulnerability is due to the use of an unsafe version of the LZ4 decoder LZ4_uncompress which is used in the Uncompress function resulting in memory corruption via specially crafted user input...
EulerOS 2.0 SP9 : python3 (EulerOS-SA-2023-1133)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA...
EulerOS 2.0 SP9 : python3 (EulerOS-SA-2023-1109)
According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA...
CVE-2022-32637
In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374...
CVE-2022-32637
In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374...
Out-of-bounds
In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374...
CVE-2022-32637
CVE-2022-32637 affects the hevc decoder (MediaTek components) with a missing bounds check causing an out-of-bounds write. This can enable local privilege escalation to System level with no user interaction required. The patch identified is ALPS07491374 (Issue ID ALPS07491374). Exploitation detail...
CVE-2022-32637
In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374...
MediaTek Chip Buffer Error Vulnerability
MediaTek chips are a variety of chips from MediaTek, a Chinese company. MediaTek suffers from a buffer error vulnerability that originates from an out-of-bounds write in the hevc decoder due to a lack of bounds checking, which could result in a local privilege escalation affecting the following...
CVE-2022-32637
In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374...
PT-2023-13091 · Unknown · Hevc Decoder
Name of the Vulnerable Software and Affected Versions: hevc decoder affected versions not specified Description: The issue is related to a missing bounds check in the hevc decoder, which could lead to a possible out of bounds write. This could result in local escalation of privilege, with System...
ASB-A-257860658
In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
Fedora 36 : python3.6 (2022-bcf089dd07)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-bcf089dd07 advisory. Security fix for CVE-2022-45061: CPU denial of service via inefficient IDNA decoder. Tenable has extracted the preceding description block directly from the...
freerdp -- multiple vulnerabilities
FreeRDP reports: GHSA-5w4j-mrrh-jjrm: Out of bound read in zgfx decoder. GHSA-99cm-4gw7-c8jh: Undefined behaviour in zgfx decoder. GHSA-387j-8j96-7q35: Division by zero in urbdrc channel. GHSA-mvxm-wfj2-5fvh: Missing length validation in urbdrc channel. GHSA-qfq2-82qr-7f4j: Heap buffer overflow i...
Fedora 36 : python3-docs / python3.10 (2022-e699dd5247)
The remote Fedora 36 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-e699dd5247 advisory. Update to 3.10.9. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
Fedora 36 : python3.8 (2022-6d51289820)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-6d51289820 advisory. Update 3.8.16. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issu...
Fedora 36 : poppler (2022-f79aa2bae9)
The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-f79aa2bae9 advisory. Security fix for CVE-2022-38784. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...