PT-2022-36693 · Oracle · Java.Base

Name of the Vulnerable Software and Affected Versions: java.base affected versions not specified Description: The issue is related to a security exception in the org.codehaus.janino.Parser.parseAssignmentExpression function. It involves the java.base/java.nio.charset.CharsetEncoder class...

PT-2022-37310 · Oracle · Java

Name of the Vulnerable Software and Affected Versions: java versions affected versions not specified Description: The issue is related to a security exception. Technical details about the crash include the Parser.parseConditionalExpression function and the CESU 8$Encoder.encodeLoop method in...

Adobe Media Encoder Arbitrary Code Execution Vulnerability (APSB20-10) - Windows

Adobe Media Encoder is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

GSD-2022-1005642 drm/meson: Fix refcount leak in meson_encoder_hdmi_init

drm/meson: Fix refcount leak in mesonencoderhdmiinit This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...

GSD-2022-1005534 drm/amd/display: Check correct bounds for stream encoder instances for DCN303

drm/amd/display: Check correct bounds for stream encoder instances for DCN303 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.63 by commit...

PT-2022-33897 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.15.33 through 5.15.60 Description: A refcount leak was discovered in the meson encoder hdmi init function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35974 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35974 Source advisory: OSV:GHSA-VGVH-2PF4-JR2X...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35972 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35972 Source advisory: OSV:GHSA-4PC4-M9MJ-V2R9...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35964 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35964 Source advisory: OSV:GHSA-F7R5-Q7CX-H668...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35996 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35996 Source advisory: OSV:GHSA-Q5JV-M6QW-5G37...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-35959 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-35959 Source advisory: OSV:GHSA-WXJJ-CGCX-R3VQ...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-36012 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-36012 Source advisory: OSV:GHSA-JVHC-5HHR-W3V5...

New Linux Cryptomining Malware

Its pretty nasty: The malware was dubbed "Shikitega" for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to "mutate" its code to avoid detection. Shikitega alters its code each time it runs through one of several decoding loops that AT&T said each...

New Stealthy Shikitega Malware Targeting Linux Systems and IoT Devices

A new piece of stealthy Linux malware called Shikitega has been uncovered adopting a multi-stage infection chain to compromise endpoints and IoT devices and deposit additional payloads. "An attacker can gain full control of the system, in addition to the cryptocurrency miner that will be executed...

CVE-2022-30534

An OS command injection vulnerability exists in the aVideoEncoder chunkfile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability...

PT-2022-21709 · Wwbn · Avideo

Name of the Vulnerable Software and Affected Versions: WWBN AVideo versions 11.6 Description: A SQL injection issue exists in the ObjectYPT functionality, allowing an attacker to inject SQL by manipulating the videoDownloadedLink or duration parameter in the aVideoEncoder functionality, which can...

fdkaac 安全漏洞

fdkaac is a command-line front-end for the libfdk-aac encoder by the Japanese individual developer nu774. A security vulnerability exists in fdkaac commit number: 53fe239, which stems from a floating point exception in its wavopen at /src/wavreader.c component...

WWBN AVideo chunkFile information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1550 WWBN AVideo chunkFile information disclosure vulnerability August 16, 2022 CVE Number CVE-2022-28710 SUMMARY An information disclosure vulnerability exists in the chunkFile functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A...

ffjpeg 安全漏洞

ffjpeg is a JPEG encoder/decoder by the individual developer Kai Chen in China. A security vulnerability exists in ffjpeg, which originates from a memory leak contained in the /src/jfif.c file...

CVE-2022-30635

Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a message which contains deeply nested structures...