4671 matches found
PT-2025-40880
Name of the Vulnerable Software and Affected Versions: versions prior to 8.0. Description: A crafted animation can trigger a use-after-free write during SANM decoding. This occurs when a STOR chunk is followed by an FOBJ chunk, and the frame has an invalid size. The code attempts to decode a frame...
Linux Distros Unpatched Vulnerability : CVE-2024-6162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises becau...
Linux Distros Unpatched Vulnerability : CVE-2022-1473
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occupied by the removed hash table entries. This functi...
Linux Distros Unpatched Vulnerability : CVE-2021-21850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A speciall...
Linux Distros Unpatched Vulnerability : CVE-2020-14355
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE...
Linux Distros Unpatched Vulnerability : CVE-2021-21859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The...
Linux Distros Unpatched Vulnerability : CVE-2020-10379
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. CVE-2020-10379 Note that Nessus relies on the presence of the package as...
Linux Distros Unpatched Vulnerability : CVE-2021-21861
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When...
SUSE-SU-2025:02809-1 Security update for rust-keylime
This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection (bsc#1247193) - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RST_STREAM frames (bsc#1210344)...
Linux Distros Unpatched Vulnerability : CVE-2022-49770
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ceph: avoid putting the realm twice when decoding snaps fails When decoding the snaps fails it maybe leaving the 'first_realm' and 'realm' pointing to the same...
CVE-2025-8760 INSTAR 2K+/4K fcgi_server base64_decode buffer overflow
A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64_decode of the component fcgi_server. The manipulation of the argument Authorization leads to buffer overflow. It is possible to initiate the attack remotely...
BIT-LIBPHP-2020-7070 PHP parses encoded cookie names so malicious `__Host-` cookies can be sent
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. This may lead to cookies with prefixes like `__Host` confused with cookies that decode to such prefix, thus leading to an attacker being...
BIT-LIBPYTHON-2025-4516 Use-after-free in "unicode_escape" decoder with error handler
There is an issue in CPython when using `bytes.decode("unicode_escape", error="ignore|replace")`. If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in ...
OESA-2025-1973 iperf3 security update
Iperf is a tool for active measurements of the maximum achievable bandwidth on IP networks. It supports tuning of various parameters related to timing, protocols, and buffers. Security Fixes: iperf is an open source tool for ESnet to actively measure the maximum bandwidth that can be achieved on ...
CVE-2025-54650
Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function...
CVE-2025-54650
The CVE-2025-54650 entry describes an improper array index verification vulnerability in Huawei HarmonyOS’s audio codec module. The flaw affects the audio decoding function; exploitation could impact decoding behavior as stated by multiple sources. Public assessments show a MEDIUM base score (NVD...