SUSE CVE-2022-3109

An issue was discovered in the FFmpeg package, where vp3decodeframe in libavcodec/vp3.c lacks check of the return value of avmalloc and will cause a null pointer dereference, impacting availability...

openEuler byacc 资源管理错误漏洞

byacc is an open source syntax parser generation tool from openeuler. openEuler byacc has a security vulnerability , the vulnerability stems from the existence of post-release reuse of malloc when handling annotations...

PT-2023-9438 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.0-rc3+ Description: The issue is related to the arm64/mm component of the Linux kernel, where incorrect handling of memory allocation errors can lead to a denial of service. On arm64, the pmd leaf function...

PT-2024-11824 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the tbnet open function. This issue occurs when tb ring alloc rx fails, causing the ida allocated in tb...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

[ADM Service]"failed with error Unable to set capacity" when allocate ADC licence in Cloud

The newly built ADC VPX could successfully onboarding to Cloud ADM Service. However, when allocate ADC VPX Instance and Bandwidth license to VPX in ADM service GUI page, opeartion failied with below error prompt: "Failed to set capacity. Reason:Command failed on ... Request to ... failed with err...

USN-5190-1 graphicsmagick vulnerabilities

It was discovered that GraphicsMagick allowed reading arbitrary files via specially crafted images. An attacker could use this issue to expose sensitive information. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. CVE-2019-12921 It was discovered that...

CVE-2022-31287

An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp...

CVE-2022-31287

An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp...

Design/Logic Flaw

An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp...

Ubuntu 16.04 ESM : Libcroco vulnerabilities (USN-5389-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5389-1 advisory. It was discovered that Libcroco was incorrectly accessing data structures when reading bytes from memory, which could cause a heap buffer overflow. An...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Cisco SAN switches and directors (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)

Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Cisco SAN switches and directors. IBM Cisco SAN switches and directors has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108DESCRIPTION: OpenSSL could allow a remot...

Mageia: Security Advisory (MGASA-2019-0389)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ALPINE-CVE-2021-45960

In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory...

GHSA-XMC8-26Q4-QJHX Denial of Service (DoS) in Jackson Dataformat CBOR

This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 2.8.0-rc1 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. Unchecked allocation of byte buffer can cause a java.lang.OutOfMemoryError exception...

Huawei EulerOS: Security Advisory for soundtouch (EulerOS-SA-2021-2449)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libplist (EulerOS-SA-2021-2399)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : libplist (EulerOS-SA-2021-2399)

According to the versions of the libplist package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process...

UBUNTU-CVE-2021-36057

XMP Toolkit SDK version 2020.1 and earlier is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local application denial of service in the context of th...

GPAC 安全漏洞

GPAC Project on Advanced Content is an open source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3D rendering.The MPEG-4 decoding feature of GPAC Project on Advanced Content library 1.0.1 suffers from an integer...