Milesight UR32L uhttpd login buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1697: Milesight UR32L uhttpd login buffer overflow vulnerability. July 6, 2023. CVE Number: CVE-2023-23902. Summary: A buffer overflow vulnerability exists in the uhttpd login functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead ...
PT-2023-15838 · Unknown · Vdecoderservice
Name of the Vulnerable Software and Affected Versions: Vdecoderservice (affected versions not specified). Description: The issue is related to a Use After Free (UAF) vulnerability in the Vdecoderservice service. This vulnerability may cause the image decoding feature to perform abnormally when...
ROS-2-555
2.555 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
ROS-2-533
2.533 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
Huawei HarmonyOS resource management error vulnerability
Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. Huawei HarmonyOS and EMUI have a memory misreference...
A vulnerability in the firmware for Samsung Exynos Modems 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123 allows an attacker to cause a denial of service.
The vulnerability in the firmware for Samsung Exynos Modems 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123 is that operations occur outside the bounds of the memory buffer during the decoding of the status string. Exploiting this vulnerabilit...
Temporal Server vulnerable to Incorrect Authorization and Insecure Default Initialization of Resource
Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allow an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...
OPENSUSE-SU-2023:0161-1 Security update for libjxl
This update for libjxl fixes the following issues: Update to release 0.8.2. CVE-2023-35790: Fix an integer underflow bug in patch decoding (bsc#1212492)...
SUSE CVE-2023-35790
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...
CVE-2014-125106
Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string...
Nanopb buffer error vulnerability
Nanopb is a protocol buffer implementation for microprocessors from the individual developers of Nanopb. A security vulnerability exists in Nanopb versions prior to 0.3.1, which stems from an overflow in pb_dec_bytes and pb_dec_string...
CVE-2023-35790
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...
CVE-2023-35790
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...
DEBIAN-CVE-2023-35790
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...
CVE-2023-35790
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...
Integer overflow
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...
UBUNTU-CVE-2023-35790
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...
Command Injection
ImageMagick is vulnerable to Command Injection. The vulnerability exists via the video:vsync or video:pixel-format options in VIDEO encoding/decoding, which allows an attacker to inject and execute arbitrary code on the system...
CVE-2023-35790
An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop...
CVE-2023-35790
CVE-2023-35790 affects the JPEG XL library (libjxl); a vulnerability in the patch decoding code allows an integer underflow that can cause a denial of service, including infinite loops. Public entries from Debian/Ubuntu indicate impacted releases and that fixes are available; Debian notes the iss...