399 matches found
AZL-27647 CVE-2022-33065 affecting package libsndfile for versions less than 1.0.31-3
Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...
CVE-2022-33065
Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...
UBUNTU-CVE-2022-33065
Multiple signed integers overflow in function aureadheader in src/au.c and in functions mat4open and mat4readheader in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts...
libsndfile 输入验证错误漏洞
libsndfile is an AC library for reading and writing sound files containing sampled audio data. A security vulnerability exists in Libsndfile version 1.1.0, which originates from multiple signed integer overflows in the aureadheader function in src/au.c, and in the mat4open and mat4readheader...
NewStart CGSL CORE 5.05 / MAIN 5.05 : expat Multiple Vulnerabilities (NS-SA-2023-0028)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has expat packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g.,...
SUSE CVE-2018-14343
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer...
SUSE CVE-2020-26682
In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...
SA45038 - CVE-2022-23852 - Expat (AKA Libexpat) Before 2.4.4 Has a Signed Integer Overflow in XML_GetBuffer, for Configurations With a Nonzero XML_CONTEXT_BYTES
A vulnerability has been reported on the 23rd of Jan 2022 under https://nvd.nist.gov/vuln/detail/CVE-2022-23852 Description: Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. Related link:...
CVE-2022-44566
A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...
CVE-2022-44566
A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...
CVE-2022-44566
A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter 7.0.4.1 and 6.1.7.1. When a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric. Comparing integer values against numeric...
Denial of Service Vulnerability in ActiveRecord’s PostgreSQL adapter
There is a potential denial of service vulnerability present in ActiveRecord’s PostgreSQL adapter. In ActiveRecord 7.0.4.1 and 6.1.7.1, when a value outside the range for a 64bit signed integer is provided to the PostgreSQL connection adapter, it will treat the target column type as numeric...
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2023-1060)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2022-34883 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.7 Description: A signed-integer-overflow bug was found in the tcp add backlog function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior t...
GLSA-202209-13 : libaacplus: Denial of Service
The remote host is affected by the vulnerability described in GLSA-202209-13 libaacplus: Denial of Service - auchannel.h in HE-AAC+ Codec aka libaacplus 2.0.2 has a signed integer overflow, which might allow remote attackers to cause a denial of service application crash or possibly have...
Buffer Overflow
fis-gtm:sid is vulnerable to buffer overflow. An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is...
GSD-2022-1004900 ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
ipv6: Fix signed integer overflow in l2tpip6sendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.285 by commit...
GSD-2022-1004656 ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
ipv6: Fix signed integer overflow in l2tpip6sendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.124 by commit...
GSD-2022-1004506 ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg
ipv6: Fix signed integer overflow in l2tpip6sendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.49 by commit...
GSD-2022-1004315 ipv6: Fix signed integer overflow in __ip6_append_data
ipv6: Fix signed integer overflow in ip6appenddata This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.6 by commit...