CLSA-2022-1643747494 Fix of CVE: CVE-2020-7071, CVE-2020-7068, CVE-2020-7069, CVE-2020-7070, CVE-2021-21702

CVE-2020-7068: php: Use of freed hash key in the pharparsezipfile function - CVE-2020-7069: php: Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV - CVE-2020-7070: php: URL decoding of cookie names can lead to different interpretation of cookies between browser and server -...

GHSA-6R92-CGXC-R5FG Denial of service in CBOR library

Impact Due to this library's use of an inefficient algorithm, it is vulnerable to a denial of service attack when a maliciously crafted input is passed to DecodeFromBytes or other CBOR decoding mechanisms in this library. Affected versions include versions 4.0.0 through 4.5.0. This vulnerability...

GHSA-WJFQ-88Q2-R34J Unhandled exception when decoding form response JSON

Impact When handling form responses from the client ModalFormResponsePacket, the Minecraft Windows client may send weird JSON that jsondecode can't understand. A workaround for this is implemented in InGamePacketHandler::stupidjsondecode. An InvalidArgumentException is thrown by this function whe...

PT-2022-28161 · Unknown · Petero.Cbor

Name of the Vulnerable Software and Affected Versions: PeterO.Cbor versions 4.0.0 through 4.5.0 Description: The issue is a denial of service vulnerability that can be triggered by providing crafted data to the DecodeFromBytes or other decoding mechanisms in PeterO.Cbor. Depending on the usage of...

CVE-2022-23435

decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service...

Denial of service

decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service...

CVE-2021-30300

Possible denial of service due to incorrectly decoding hex data for the SIB2 OTA message and assigning a garbage value to choice when processing the SRS configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

PT-2022-9973 · Qualcomm · Snapdragon Compute +6

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Compute affected versions not specified Snapdragon Connectivity affected versions not specified Snapdragon Consumer IOT affected versions not specified Snapdragon Industrial IOT...

DEBIAN-CVE-2021-44648

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12...

CVE-2021-44648

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12...

UBUNTU-CVE-2021-44648

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12...

CVE-2021-44648

CVE-2021-44648 affects GNOME gdk-pixbuf 2.42.6 with a heap-buffer overflow in the GIF lzw decoder when the minimum code size is 12. Connected advisories confirm the issue across multiple distributions and architectures. Exploitation details are not provided in the documents; the vulnerability can...

CVE-2021-44648

GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals to 12...

Out-of-bounds Write

GNOME gdk-pixbuf is vulnerable to a heap-buffer overflow vulnerability when decoding the lzw compressed stream of image data in GIF files with lzw minimum code size equals 12...

gdk-pixbuf 缓冲区错误漏洞

gdk-pixbuf is an image loading library. A security vulnerability exists in gdk-pixbuf 2.42.6, which originates from a heap buffer overflow vulnerability when decoding lzw compressed image data streams in GIF files with lzw minimum code size equal to 12...

PT-2022-10931 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-9 through Android-12 Description: The issue is related to an incorrect bounds check in the doRead function of SimpleDecodingSource.cpp, which could lead to a possible out of bounds write. This might result in remote...

DEBIAN-CVE-2021-36409

There is an Assertion scalinglistpredmatrixiddelta==1' failed at sps.cc:925 in libde265 v1.0.8 when decoding file, which allows attackers to cause a Denial of Service DoS by running the application with a crafted file or possibly have unspecified other impact...

ALPINE-CVE-2021-36408

An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265...

DEBIAN-CVE-2021-36408

An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265...

CVE-2021-36408

An issue was discovered in libde265 v1.0.8.There is a Heap-use-after-free in intrapred.h when decoding file using dec265...