6118 matches found

CVE
added 2022/09/30 4:38 p.m. · 51 views

CVE-2022-32540

The CVE-2022-32540 entry affects Bosch BVMS, specifically the Operator Client (versions 10.1.1, 11.0, 11.1.0) and the VIDEOJET Decoder VJD-7513 (versions 10.23 and 10.30). The root cause is an information-disclosure flaw in the UDP-encrypted video path that can be exploited to expose confidential...

CVSS 7.4 · AI score 5.5 · EPSS 0.00144
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2022/09/30 4:38 p.m. · 13 views

CVE-2022-32540

Information Disclosure in the Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows a man-in-the-middle attacker to compromise a confidential video stream. This is only applicable for UDP encryption when target system contains cameras wi...

CVSS 7.4 · AI score 5.7 · EPSS 0.00144
Exploits 0 · References 1

CNNVD
added 2022/09/30 12:0 a.m. · 2 views

Bosch BVMS Information Disclosure Vulnerability

Bosch BVMS is an application system from Bosch Germany. It is used for video management. An information disclosure vulnerability exists in Bosch BVMS and VIDEOJET Decoder VJD-7513. An attacker could exploit this vulnerability to disclose sensitive information. The following products and versions...

CVSS 7.4 · AI score 6.8 · EPSS 0.00144
Exploits 0 · References 2

Positive Technologies
added 2022/09/30 12:0 a.m. · 2 views

PT-2022-21357 · Bosch · Videojet Decoder Vjd-7513 +1

Name of the Vulnerable Software and Affected Versions: BVMS versions 10.1.1 through 11.1.0; VIDEOJET Decoder VJD-7513 versions 10.23 through 10.30. Description: The issue allows a man-in-the-middle attacker to compromise confidential video streams. This is applicable when the target system contains...

CVSS 7.4 · AI score 6.3 · EPSS 0.00144
Exploits 0 · References 4

Tenable Nessus
added 2022/09/29 12:0 a.m. · 37 views

GLSA-202209-21 : Poppler: Arbitrary Code Execution

The remote host is affected by the vulnerability described in GLSA-202209-21 Poppler: Arbitrary Code Execution - An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, watchOS 7.6.2...

CVSS 7.8 · AI score 7.8 · EPSS 0.71973
Exploits 3 · References 4

BDU FSTEC
added 2022/09/28 12:0 a.m. · 1 views

The vulnerability of the `cv::BmpDecoder::readData` function in the `modules/imgcodecs/src/grfmt_bmp.cpp` file of the Computer Vision Library (OpenCV), a freely available computer vision and image processing library for general-purpose numerical algorithms, allows a perpetrator to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the cv::BmpDecoder::readData function in the modules/imgcodecs/src/grfmt_bmp.cpp file of the Open Source Computer Vision Library (OpenCV) involves copying buffers without checking the input data. Exploiting this vulnerability allows an attacker to gain...

CVSS 9.3 · EPSS 0.00709
Exploits 0 · References 6 · Affected Software 3

Redos
added 2022/09/26 12:0 a.m. · 18 views

ROS-20220926-02

The Poppler PDF rendering library vulnerability is related to an integer overflow in the JBIG2 decoder, in the JBIG2Stream::readTextRegionSeg function in JBIGStream.c. Exploitation of the vulnerability could allow an attacker acting remotely to pass a specially crafted PDF file or image to an application...

CVSS 7.8 · AI score 8 · EPSS 0.00095
Exploits 3

Positive Technologies
added 2022/09/24 12:0 a.m. · 2 views

PT-2022-37302 · Exiv2 · Exiv2

Name of the Vulnerable Software and Affected Versions: Exiv2 (affected versions not specified). Description: The issue is related to a heap buffer overflow error. Technical details about the error include the crash type being a heap-buffer-overflow WRITE and the crash state involving functions such ...

AI score 7.4
Exploits 0 · References 2

BDU FSTEC
added 2022/09/19 12:0 a.m. · 2 views

The vulnerability of the sbr_process_channel function in the libfaad/sbr_dec.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) allows an intruder to trigger a service failure.

The vulnerability of the sbr_process_channel function in the libfaad/sbr_dec.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) audio decoder is related to improper processing of new PS channels. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS 7.1 · EPSS 0.00479
Exploits 1 · References 11 · Affected Software 5

Positive Technologies
added 2022/09/17 12:0 a.m. · 2 views

PT-2022-37284 · Git +1 · Swiftnio

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. It involves the NIOHTTP1.HTTPDecoder.didFinishHead function and a protocol witness for...

AI score 6.9
Exploits 0 · References 2

BDU FSTEC
added 2022/09/14 12:0 a.m. · 1 views

The vulnerability of the ifilter_bank function in the libfaad/filtbank.c component allows a hacker to trigger a service failure. This vulnerability is present in the Freeware Advanced Audio Decoder 2 (FAAD2) audio decoder.

The vulnerability of the ifilter_bank function in the libfaad/filtbank.c component is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause a service failure...

CVSS 7.1 · EPSS 0.00295
Exploits 1 · References 11 · Affected Software 5

BDU FSTEC
added 2022/09/14 12:0 a.m. · 1 views

The vulnerability of the jbig2_image_compose function in the jbig2_image.c component of the JBIG2 image compression decoder Jbig2dec allows an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the jbig2_image_compose function in the jbig2_image.c component of the JBIG2 image compression decoder Jbig2dec is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause servic...

CVSS 10 · EPSS 0.00878
Exploits 1 · References 12 · Affected Software 6

OSV
added 2022/09/09 11:4 a.m. · 3 views

OESA-2022-1906 poppler security update

Poppler is a free software utility library for rendering Portable Document Format (PDF) documents. Its development is supported by freedesktop.org. It is commonly used on Linux systems, and is used by the PDF viewers of the open source GNOME and KDE desktop environments. Security Fixes: Poppler...

CVSS 7.8 · AI score 7.5 · EPSS 0.00095
Exploits 3 · References 2

Positive Technologies
added 2022/09/09 12:0 a.m. · 4 views

PT-2022-6750

Name of the Vulnerable Software and Affected Versions: Python versions prior to 3.11.1; Python versions prior to 3.10.9; Python versions prior to 3.9.16; Python versions prior to 3.8.16; Python versions prior to 3.7.16. Description: An issue exists in the IDNA (RFC 3490) decoder, where an unnecessary...

CVSS 9.8 · AI score 7.7 · EPSS 0.91789
Exploits 50 · References 260

RedhatCVE
added 2022/09/07 3:49 p.m. · 33 views

CVE-2022-38784

An integer overflow issue was discovered in Poppler's JBIG2 decoder in the JBIG2Stream::readTextRegionSeg function in the JBIGStream.cc file. This flaw allows an attacker to trick a user into opening a malformed PDF file or JBIG2 image in the application, triggering an integer overflow, which could...

CVSS 7.8 · AI score 8 · EPSS 0.71973
Exploits 3 · References 4

OSV
added 2022/09/07 5:27 a.m. · 7 views

MGASA-2022-0320 Updated xpdf packages fix security vulnerability

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc (CVE-2022-24106). Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

CVSS 7.8 · AI score 7.7 · EPSS 0.0013
Exploits 2 · References 3

Mageia
added 2022/09/07 5:27 a.m. · 58 views

Updated xpdf packages fix security vulnerability

In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc (CVE-2022-24106). Xpdf prior to 4.04 lacked an integer overflow check in JPXStream.cc...

CVSS 7.8 · AI score 7.8 · EPSS 0.0013
Exploits 2 · References 2

OpenVAS
added 2022/09/07 12:0 a.m. · 25 views

Mageia: Security Advisory (MGASA-2022-0320)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 · AI score 7.1 · EPSS 0.0013
Exploits 2 · References 4

OSV
added 2022/09/01 6:15 p.m. · 1 views

DEBIAN-CVE-2020-35533

In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file...

CVSS 5.5 · AI score 5.4 · EPSS 0.00029
Exploits 0 · References 1

OSV
added 2022/09/01 6:15 p.m. · 0 views

UBUNTU-CVE-2020-35533

In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file...

CVSS 5.5 · AI score 6 · EPSS 0.00029
Exploits 0 · References 5