4734 matches found
CVE-2022-33259 Buffer copy without checking the size of input in Modem
Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received...
PT-2023-13270 · Qualcomm · Snapdragon +12
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned, use: affected versions not specified Description: The issue is related to memory corruption caused by a buffer copy without checking the size of the input in a modem. This occurs while decoding raw...
MGASA-2023-0119 Updated perl-Cpanel-JSON-XS packages fix security vulnerability
Fixes some bugs including a security vulnerability when decoding hash keys without ending ':'...
Updated perl-Cpanel-JSON-XS packages fix security vulnerability
Fixes some bugs including a security vulnerability when decoding hash keys without ending ':'...
PT-2023-36337 · Mageia · Perl-Cpanel-Json-Xs
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A security issue exists when decoding hash keys without an ending colon :. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
Delta Electronics InfraSuite Device Master Path Traversal Vulnerability
Delta Electronics InfraSuite Device Master is Delta Electronics' device for simplifying and automating critical equipment monitoring. A path traversal vulnerability in Delta Electronics InfraSuite Device Master versions prior to 1.0.5 can be exploited by an attacker to cause an elevation of...
The vulnerability in the intrapred.h function of the libde265 video codec allows a hacker to cause a service failure.
The vulnerability of the intrapred.h function in the libde265 video codec is related to an error in decoding files using dec256. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Rocky Linux 8 : openssl (RLSA-2023:1405)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1405 advisory. - A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a...
CVE-2023-1142
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation...
CVE-2023-1142
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation...
Authentication flaw
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation...
CVE-2023-1142 CVE-2023-1142
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation...
CVE-2023-1142 CVE-2023-1142
In Delta Electronics InfraSuite Device Master versions prior to 1.0.5, an attacker could use URL decoding to retrieve system files, credentials, and bypass authentication resulting in privilege escalation...
CVE-2023-1142
CVE-2023-1142 affects Delta Electronics InfraSuite Device Master prior to 1.0.5. The issue is a path traversal vulnerability triggered by URL decoding, allowing an unauthenticated attacker to access system files and credentials and bypass authentication, leading to privilege escalation. The affec...
Important: golang
Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Affected Packages: golang Issue Correction: Run dnf update golang --releasever 2023.0.20230322 or dnf update --advisory ALAS2023-2023-142 --releasever 2023.0.20230322 to update your system. More information o...
PT-2023-2368 · Delta Electronics · Infrasuite Device Master
Name of the Vulnerable Software and Affected Versions: Delta Electronics InfraSuite Device Master versions prior to 1.0.5 Description: The issue allows an attacker to retrieve system files, credentials, and bypass authentication, resulting in privilege escalation. This can be achieved through URL...
[SECURITY] Fedora 38 Update: xine-lib-1.2.13-1.fc38
This package contains the Xine library. It can be used to play back various media, decode multimedia files from local disk drives, and display multimedia streamed over the Internet. It interprets many of the most common multimedia formats available - and some uncommon formats, too...
[SECURITY] Fedora 38 Update: mpv-0.35.1-3.fc38
Mpv is a movie player based on MPlayer and mplayer2. It supports a wide varie ty of video file formats, audio and video codecs, and subtitle types. Special input URL types are available to read input from a variety of sources other than disk files. Depending on platform, a variety of different...
Fedora: Security Advisory for mpv (FEDORA-2023-a5e10b188a)
The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SAMSUNG Mobile Chipset 缓冲区错误漏洞
SAMSUNG Mobile Chipset is a series of chips from the South Korean company Samsung SAMSUNG. SAMSUNG Mobile Chipset and Baseband Modem Chipset's Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, Exynos Auto T5123, and Exynos W920 suffer from a buff...