9106 matches found
CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
CVE-2022-28319
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-42432
This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
CVE-2022-28317
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-48434
CVE-2022-48434 : FFmpeg’s libavcodec pthread_frame.c contains a use-after-free in worker threads due to stale hwaccel state, exploitable in some scenarios (e.g., mid-video SPS change with Direct3D11). Affected component: libavcodec in FFmpeg lib used by VLC and others. Vulnerable version: FFmpeg ...
CVE-2022-28319
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-28319
Bentley MicroStation CONNECT 10.16.02.034 is affected. The vulnerability originates from the 3DM file parser, where memory is not properly initialized before access, enabling arbitrary code execution. An attacker must lure a user to visit a malicious page or open a malicious file, after which cod...
CVE-2022-28320
CVE-2022-28320 affects Bentley View 10.16.02.022. The issue lies in parsing 3DM files where memory is not properly initialized before access, enabling an attacker to execute code in the context of the current process with user interaction required (visit a malicious page or open a malicious file)...
CVE-2022-42432
This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel 6.0-rc2. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...
CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
CVE-2022-28320
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-28317
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
The vulnerability of the kvm_vcpu_ioctl_x86_getdebugregss() function (arch/x86/kvm/x86.c) in the KVM virtualization subsystem of the Linux operating system allows a attacker to gain access to protected information.
The vulnerability of the kvmvcpuioctlx86getdebugregss function arch/x86/kvm/x86.c in the KVM virtualization subsystem of the Linux operating system is related to errors during initialization. Exploiting this vulnerability can allow an attacker to gain access to protected information...
The vulnerability of the software and hardware components of SCADA systems such as ABB Relion 611, Relion 615, Relion 620, Relion REF615, Relion RED615, Relion RER620, Relion RER615, Relion REX640, eVD4, REC615, and SMU615 lies in improper initialization of resources, which allows attackers to trigger maintenance-related failures.
The vulnerability of the software and hardware components of SCADA systems such as ABB Relion 611, Relion 615, Relion 620, Relion REF615, Relion RED615, Relion RER620, Relion RER615, Relion REX640, eVD4, REC615, and SMU615 is related to improper initialization of resources. Exploiting this...
The vulnerability of the hdrblobInit() function in the lib/header.c component of the RPM package manager allows a hacker to trigger a service failure.
The vulnerability of the hdrblobInit function in the lib/header.c component of the RPM package manager is related to reading data from within allowable buffer sizes. Exploiting this vulnerability could allow an attacker to cause service failures...
The vulnerability of the lsx_adpcm_init function in the SoX audio processing software allows a hacker to gain access to confidential data and also trigger a service failure.
The vulnerability of the lsxadpcminit function in the SoX audio processing software is related to reading data from beyond the buffer’s acceptable limits. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data, as well as cause service interruptions throug...
CVE-2022-46397
FP.io VPP Vector Packet Processor 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode...
CVE-2022-48352
Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic...
CVE-2022-48352
Some smartphones have data initialization issues. Successful exploitation of this vulnerability may cause a system panic...