ALSA-2023:5539 Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in vp8 encoding in libvpx (CVE-2023-5217); libvpx: crash related to VP9 encoding in libvp...
Exploit for Out-of-bounds Write in Webmproject Libvpx
CVE-2023-5217: libvpx VP8 Encoding Heap Overflow PoC CVE-2023...
Amazon Linux 2 : squid (ALASSQUID4-2023-010)
The version of squid installed on the remote host is prior to 4.15-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2SQUID4-2023-010 advisory. 2023-10-12: CVE-2022-41317 was added to this advisory. An issue was discovered in Squid through 4.7 and 5. When receivin...
PT-2023-36041 · Git +1 · Serenity
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue is identified, potentially causing a crash. The crash occurs in the Gfx::decode bmp pixel data function, which is calle...
CVE-2023-40163
An out-of-bounds write vulnerability exists in the allocatebufferforjpegdecoding functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability...
Important: squid
Issue Overview: An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making an MD5 hash of the absolute URL of the request. If found, it serves the request. The absolute URL can include the decod...
PT-2023-27299 · Accusoft · Accusoft Imagegear
Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 20.1 Description: An out-of-bounds write issue exists in the allocate buffer for jpeg decoding functionality. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious fil...
Moderate: Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.1.6 security and bug fix update
OpenShift API for Data Protection (OADP) 1.1.6 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.13.4 security and bug fix update
Red Hat OpenShift Virtualization release 4.13.4 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which giv...
ROS-20230915-11
A vulnerability in the Base plugin (gst-plugins-base) of the GStreamer multimedia framework is related to a buffer overrun during the parsing and decoding of subtitles from SRT files. Exploitation o...
GHSA-6JMW-6MXW-W4JC BER/CER/DER decoder panics on invalid input
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
BER/CER/DER decoder panics on invalid input
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
DEBIAN-CVE-2023-39914
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
CVE-2023-39914
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
Input validation
NLnet Labs’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...
UBUNTU-CVE-2023-39914
NLnet Labs' bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding...