4671 matches found

Positive Technologies
added 2024/12/12 12:0 a.m. · 2 views

PT-2024-36041 · Huawei · HarmonyOS

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a Read/Write vulnerability in the image decoding module. Successful exploitation of this vulnerability will affect availability...

CVSS 7.5 · AI score 6.6 · EPSS 0.00311
Exploits: 0 · References: 4

Positive Technologies
added 2024/12/12 12:0 a.m. · 2 views

PT-2024-36039 · Huawei · HarmonyOS

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a Read/Write vulnerability in the image decoding module. Successful exploitation of this vulnerability will affect availability...

CVSS 7.5 · AI score 6.6 · EPSS 0.00296
Exploits: 0 · References: 6

Positive Technologies
added 2024/12/12 12:0 a.m. · 2 views

PT-2024-36040 · Huawei · HarmonyOS

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a read/write vulnerability in the image decoding module. Successful exploitation of this vulnerability will affect availability. Ther...

CVSS 7.5 · AI score 6.7 · EPSS 0.00311
Exploits: 0 · References: 4

Positive Technologies
added 2024/12/12 12:0 a.m. · 3 views

PT-2024-36037 · Huawei · HarmonyOS

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns a Read/Write vulnerability in the image decoding module. Successful exploitation of this vulnerability will affect availability. Ther...

CVSS 7.5 · AI score 6.7 · EPSS 0.00105
Exploits: 0 · References: 5

CNNVD
added 2024/12/12 12:0 a.m. · 1 view

Huawei HarmonyOS security vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in the Huawei HarmonyOS image decoding module, which can be exploited by attackers to affect availability...

CVSS 7.5 · AI score 6.6 · EPSS 0.00105
Exploits: 0 · References: 1

Positive Technologies
added 2024/12/12 12:0 a.m. · 2 views

PT-2024-36038 · Softwarex · Softwarex

Name of the Vulnerable Software and Affected Versions: SoftwareX, affected versions not specified. Description: The issue is related to a null pointer dereference vulnerability in the image decoding module. Successful exploitation of this vulnerability will affect availability. Recommendations: At...

CVSS 7.5 · AI score 6.8 · EPSS 0.00221
Exploits: 0 · References: 6

Ubuntu
added 2024/12/11 11:11 p.m. · 19 views

USN-7151-1: oFono vulnerabilities

It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflow. A remote attacker could potentially use this issue to cause a denial of service. CVE-2023-4232, CVE-2023-4235...

CVSS 8.1 · AI score 7.8 · EPSS 0.00138
Exploits: 2

OSV
added 2024/12/11 11:11 p.m. · 0 views

USN-7151-1 ofono vulnerabilities

It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflow. A remote attacker could potentially use this issue to cause a denial of service. CVE-2023-4232, CVE-2023-4235...

CVSS 8.1 · AI score 5.9 · EPSS 0.00138
Exploits: 2 · References: 3

OSV
added 2024/12/09 11:53 p.m. · 1 view

USN-7141-1 ofono vulnerabilities

It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflow. A remote attacker could potentially use this issue to cause a denial of service. CVE-2023-2794, CVE-2023-4233, CVE-2023-4234...

CVSS 8.1 · AI score 5.9 · EPSS 0.00169
Exploits: 2 · References: 4

Ubuntu
added 2024/12/09 11:53 p.m. · 13 views

USN-7141-1: oFono vulnerabilities

It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflow. A remote attacker could potentially use this issue to cause a denial of service. CVE-2023-2794, CVE-2023-4233, CVE-2023-4234...

CVSS 8.1 · AI score 7.8 · EPSS 0.00169
Exploits: 2

OSV
added 2024/12/06 3:23 p.m. · 2 views

OESA-2024-2506 golang security update

Security Fixes: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. CVE-2024-34156...

CVSS 7.5 · AI score 6.9 · EPSS 0.00298
Exploits: 0 · References: 2

OSV
added 2024/12/06 3:23 p.m. · 2 views

OESA-2024-2504 golang security update

Security Fixes: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. CVE-2024-34156...

CVSS 7.5 · AI score 6.9 · EPSS 0.00298
Exploits: 0 · References: 2

OSV
added 2024/12/06 3:23 p.m. · 3 views

OESA-2024-2503 golang security update

Security Fixes: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. CVE-2024-34156...

CVSS 7.5 · AI score 6.9 · EPSS 0.00298
Exploits: 0 · References: 2

SUSE CVE
added 2024/12/04 3:48 a.m. · 2 views

SUSE CVE-2024-53984

Nanopb is a small code-size Protocol Buffers implementation. When the compile time option PB_ENABLE_MALLOC is enabled, the message contains at least one field with FT_POINTER field type, custom stream callback is used with unknown stream length, and the pb_decode_ex function is used with flag...

CVSS 4.3 · AI score 6.7 · EPSS 0.00102
Exploits: 0 · References: 4

Github Security Blog
added 2024/12/03 6:44 p.m. · 19 views

Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders

Impact: In Synapse versions before 1.120.1, enabling the dynamic_thumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for processing. This significantly expands...

CVSS 9.1 · AI score 6.7 · EPSS 0.00962
Exploits: 0 · References: 3 · Affected Software: 1

GithubExploit
added 2024/12/03 1:56 p.m. · 421 views

Exploit for Improper Restriction of XML External Entity Reference in Wordpress

POC CVE-2021029447 - XXE in WordPress WordPress 5.6-5.7 - Au...

CVSS 7.1 · AI score 6.5 · EPSS 0.90782
Exploits: 20

OSV
added 2024/12/02 4:15 p.m. · 3 views

DEBIAN-CVE-2024-53984

Nanopb is a small code-size Protocol Buffers implementation. When the compile time option PB_ENABLE_MALLOC is enabled, the message contains at least one field with FT_POINTER field type, custom stream callback is used with unknown stream length, and the pb_decode_ex function is used with flag...

CVSS 4.3 · AI score 5.3 · EPSS 0.00102
Exploits: 0 · References: 1

OSV
added 2024/12/02 4:15 p.m. · 0 views

UBUNTU-CVE-2024-53984

Nanopb is a small code-size Protocol Buffers implementation. When the compile time option PB_ENABLE_MALLOC is enabled, the message contains at least one field with FT_POINTER field type, custom stream callback is used with unknown stream length, and the pb_decode_ex function is used with flag...

CVSS 4.3 · AI score 5.8 · EPSS 0.00102
Exploits: 0 · References: 4

OSV
added 2024/11/29 7:15 p.m. · 1 view

DEBIAN-CVE-2024-36615

FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread...

CVSS 5.9 · AI score 6.1 · EPSS 0.00094
Exploits: 0 · References: 1

NVD
added 2024/11/29 5:15 p.m. · 8 views

CVE-2024-35369

In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overflow conditions, potentially resulting in...

CVSS 5.5 · EPSS 0.0004
Exploits: 0 · References: 3