17 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-70116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields e.g.,...
DEBIAN-CVE-2025-70116
A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields (e.g., codec/mime/profile strings). gf_media_map_esd then calls strlen on a NULL pointer, triggering a crash (ASan SEGV)...
CVE-2025-70116
A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields (e.g., codec/mime/profile strings). gf_media_map_esd then calls strlen on a NULL pointer, triggering a crash (ASan SEGV)...
PT-2026-44037
Name of the Vulnerable Software and Affected Versions: GPAC MP4Box (affected versions not specified). Description: A NULL pointer dereference occurs when parsing certain truncated MP4 files. An unknown or invalid stsd entry can lead to missing descriptor fields, such as codec, mime, or profile strings...
EUVD-2006-4135
Malware in sbrugna...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2024-1047)
The remote host is missing an update for the Huawei EulerOS...
CVE-2022-48363
In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer...
CVE-2022-48363
In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plugin mishandles a Drain call in certain situations involving truncated files. Eventually there is an assertion failure in libmpdclient because libqtappfw passes in a NULL pointer...
PT-2023-15740
Name of the Vulnerable Software and Affected Versions: MPD versions prior to 0.23.8. Description: The issue arises from the PipeWire output plugin mishandling a Drain call in certain situations involving truncated files, leading to an assertion failure in libmpdclient due to libqtappfw passing in a...
MPD code issue vulnerability
MPD is a FreeBSD-based multi-link PPP daemon from a private developer. A security vulnerability exists in versions of MPD prior to 0.23.8, which stems from the PipeWire output plugin incorrectly handling Drain calls in certain cases involving truncated files, resulting in assertion failures in...
Denial Of Service (DoS)
pillow is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to an infinite loop in the 'load_read' function in the JpegImagePlugin.py file. A malicious user can crash the system by sending multiple truncated files to the server...
Security update for libxls (moderate)
openSUSE Security Update: Security update for libxls Announcement ID: openSUSE-SU-2021:0812-1 Rating: moderate References: 1179532 Cross-References: CVE-2020-27819 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for libxls...
hivex security and bug fix update
1.3.3-4.3 - Add missing checks for small/truncated files resolves: rhbz1158993 - Fix typo in man page Win::Hivex.3.pm resolves: rhbz1164693...
hivex: missing checks for small-sized files
It was found that hivex attempted to read, and possibly write, beyond its allocated buffer when reading a hive file with a very small size or with a truncated or improperly formatted content. An attacker able to supply a specially crafted hive file to an application using the hivex library could...
Oracle Linux 7 : hivex (ELSA-2015-0301)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-0301 advisory. 1.3.10-5.7 - Fix: 'Argument list too long' when using virt-v2v on Windows guest with French copy of Citrix installed related: rhbz1145056 1.3.10-5.6 - Fix: typo...
Fedora 8 : filezilla-3.1.0.1-1.fc8 (2008-6812)
According to the NEWS in this release: ---------------- ! Do not report success on SSL/TLS transfers if server did not perform orderly SSL/TLS shutdown. Previously, an attacker could cause truncated files with FileZilla thinking the transfer was successful. All versions prior to this were affecte...
UDF truncating issue
The Universal Disk Format (UDF) filesystem driver in Linux kernel 2.6.17 and earlier allows local users to cause a denial of service (hang and crash) via certain operations involving truncated files, as demonstrated via the dd command...