CVE-2022-2584 Panic when decoding invalid blocks in github.com/ipld/go-codec-dagpb

The dag-pb codec can panic when decoding invalid blocks...

CVE-2022-26964

Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows information disclosure via a password brute-force attack. An error caused base64 to be decoded...

Information disclosure

Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows information disclosure via a password brute-force attack. An error caused base64 to be decoded...

CVE-2022-26964

Weak password derivation for export in Devolutions Remote Desktop Manager before 2022.1 allows information disclosure via a password brute-force attack. An error caused base64 to be decoded...

CVE-2022-23547 Heap buffer overflow in pjproject when decoding STUN message

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability...

DEBIAN-CVE-2022-41639

A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a...

DEBIAN-CVE-2022-3266

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

CVE-2022-3266

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

CVE-2022-3266

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

Non-standard ERC20 tokens are locked in the contract

Lines of code Vulnerability details Impact The function forwardERC20s transfers ERC20 tokens out of the contract to the owner. However, it does not properly handle non-standard ERC20 tokens such as USDT which do not return a bool when the transfer is called. The issue is that token is of type...

CVE-2022-3266

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

CVE-2022-3266

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR 102.3, Thunderbird 102.3, and Firefox 105...

CVE-2022-25940

All versions of package lite-server are vulnerable to Denial of Service DoS when an attacker sends an HTTP request and includes control characters that the decodeURI function is unable to parse...

FFmpeg 代码问题漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. FFmpeg has a code issue vulnerability that stems from the vp3decodeframe function in its libavcodec/vp3.c file that does not reasonably check the return result of the avmalloc function, whi...

CVE-2022-25682

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

Memory corruption

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

PT-2022-17461 · Qualcomm · Qualcomm Snapdragon

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon affected versions not specified Description: The issue is related to memory corruption in the MODEM UIM due to the usage of an out of range pointer offset while decoding a command from a card. This affects various Qualcomm...

CVE-2022-25682

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

PT-2022-36807 · Git +1 · Libredwg

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ 1 crash has been reported. The crash involves the functions bit read B, dwg decode header variables, and decode R13 RNUMBER. ...

[SECURITY] Fedora 35 Update: woff-0.20091126-33.fc35

Provides the sfnt2woff and woff2sfnt command-line tools for encoding and decoding Web Open Font Format WOFF files...