4671 matches found

Positive Technologies
added 2025/01/16 12:0 a.m. · 3 views

PT-2025-3302 · Unknown +2 · Matrix Media Repo +4

Name of the Vulnerable Software and Affected Versions: Matrix Media Repo versions prior to 1.3.8. Description: The issue arises when SVG or JPEGXL thumbnailers are enabled, allowing a user to upload a file that claims to be one of these types and request a thumbnail, potentially invoking a differe...

8.9 CVSS · 7.7 AI score · 0.02218 EPSS
Exploits 2 · References 90

OSV
added 2025/01/14 7:22 p.m. · 16 views

BIT-PHP-MIN-2021-21707 Special characters break path parsing in XML functions

In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file, URL-decode the filename passed to them. If that filename contains URL-encoded NUL character, this may cause the function to interpret this as the end of the...

5.3 CVSS · 6.9 AI score · 0.00563 EPSS
Exploits 2 · References 6

CNNVD
added 2025/01/14 12:0 a.m. · 1 views

Git security vulnerability

Git is a free, open source distributed version control system open-sourced by Git. Git has a security vulnerability that stems from the fact that any URL-encoded portion can be decoded...

4.7 CVSS · 7.4 AI score · 0.02784 EPSS
Exploits 0 · References 5

Positive Technologies
added 2025/01/14 12:0 a.m. · 2 views

PT-2026-2938

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.20.1. Description: FreeRDP, a free implementation of the Remote Desktop Protocol, contains a flaw related to Base64 decoding. A global-buffer-overflow can occur due to implementation-defined char signedness on...

9.8 CVSS · 6.7 AI score · 0.00454 EPSS
Exploits 30 · References 105

NVD
added 2025/01/06 6:15 p.m. · 13 views

CVE-2024-55628

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.8, DNS resource name compression can lead to small DNS messages containing very large hostnames which can be costly to decode, and lead to very large DNS log...

7.5 CVSS · 0.00603 EPSS
Exploits 0 · References 5

Veracode
added 2025/01/06 2:47 a.m. · 3 views

Stack Overflow

github.com/cosmos/cosmos-sdk, cosmossdk.io/x/tx is vulnerable to Stack overflow. The vulnerability is due to improper handling of transaction decoding in Cosmos SDK, allows for excessive resource consumption or stack overflow when processing transactions, potentially leading to system instability...

7.5 AI score
Exploits 0

CNNVD
added 2025/01/06 12:0 a.m. · 2 views

Suricata security vulnerability

Suricata is a network IDS, IPS and NSM engine from the Open Information Security Foundation. A security vulnerability exists in Suricata versions prior to 7.0.8 that stems from the fact that DNS resource name compression may result in small DNS messages containing very large contained hostnames...

7.5 CVSS · 6.4 AI score · 0.00603 EPSS
Exploits 0 · References 5

Positive Technologies
added 2025/01/01 12:0 a.m. · 3 views

PT-2025-11968 · Suricata +1 · Suricata +1

Name of the Vulnerable Software and Affected Versions: Suricata (affected versions not specified). Description: The issue concerns a problem where the decode base64 signature can cause large memory allocation. This could potentially lead to issues with the Suricata package in Debian Linux...

7.5 CVSS · 6 AI score · 0.0005 EPSS
Exploits 0 · References 22

OSV
added 2024/12/28 7:15 a.m. · 1 views

CVE-2020-1822

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities...

5.3 CVSS · 5.8 AI score · 0.00081 EPSS
Exploits 0 · References 1

OSV
added 2024/12/28 7:15 a.m. · 1 views

CVE-2020-1820

There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities...

5.3 CVSS · 5.8 AI score
Exploits 0 · References 1

SUSE CVE
added 2024/12/28 3:51 a.m. · 1 views

SUSE CVE-2024-53146

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow. If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decode_cb_compound4res...

7.8 CVSS · 7.4 AI score · 0.00013 EPSS
Exploits 0 · References 65

OSV
added 2024/12/27 12:32 p.m. · 2 views

OESA-2024-2587 golang security update

Security Fixes: Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. (CVE-2024-34155) Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a...

7.5 CVSS · 7.1 AI score · 0.00298 EPSS
Exploits 0 · References 4

Fedora
added 2024/12/27 1:26 a.m. · 7 views

[SECURITY] Fedora 40 Update: dr_libs-0^20241216git660795b-1.fc40

Single-file audio decoding libraries for C/C++...

7.4 AI score
Exploits 0

Fedora
added 2024/12/27 1:23 a.m. · 5 views

[SECURITY] Fedora 41 Update: dr_libs-0^20241216git660795b-1.fc41

Single-file audio decoding libraries for C/C++...

7.4 AI score
Exploits 0

OSV
added 2024/12/24 12:15 p.m. · 1 views

DEBIAN-CVE-2024-53146

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow. If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decode_cb_compound4res...

5.5 CVSS · 5.8 AI score · 0.00013 EPSS
Exploits 0 · References 1

NVD
added 2024/12/24 12:15 p.m. · 29 views

CVE-2024-53146

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow. If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decode_cb_compound4res...

5.5 CVSS · 0.00013 EPSS
Exploits 0 · References 11

OSV
added 2024/12/24 12:15 p.m. · 8 views

AZL-54945 CVE-2024-53146 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow. If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decode_cb_compound4res...

5.5 CVSS · 6.4 AI score · 0.00013 EPSS
Exploits 0 · References 1

OSV
added 2024/12/24 12:15 p.m. · 0 views

UBUNTU-CVE-2024-53146

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow. If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decode_cb_compound4res...

5.5 CVSS · 6.3 AI score · 0.00013 EPSS
Exploits 0 · References 45

Vulnrichment
added 2024/12/24 11:28 a.m. · 1 views

CVE-2024-53146 NFSD: Prevent a potential integer overflow

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow. If the tag length is >= U32_MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decode_cb_compound4res...

7.6 AI score · 0.00013 EPSS
Exploits 0 · References 9

CNVD
added 2024/12/20 12:0 a.m. · 8 views

Huawei HarmonyOS image decoding module read/write vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A read/write vulnerability exists in the Huawei HarmonyOS image decoding module. An attacker could exploit this vulnerability to affect availability...

7.5 CVSS · 6.6 AI score · 0.00296 EPSS
Exploits 0 · References 1