7041 matches found
CVE-2022-32978
CVE-2022-32978 affects the libjpeg library prior to 1.64, caused by an assertion failure in SingleComponentLSScan::ParseMCU when processing an empty JPEG-LS scan. This leads to denial of service and is documented across multiple sources; no exploitation details are provided beyond the assertion f...
USN-5474-1: Varnish Cache vulnerabilities
It was discovered that Varnish Cache did not clear a pointer between the handling of one client request and the next request within the same connection. A remote attacker could possibly use this issue to obtain sensitive information. (CVE-2019-20637) It was discovered that Varnish Cache could have a...
Authorization
Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to an HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signatur...
CVE-2022-26493
Xecurify's miniOrange Premium, Standard, and Enterprise Drupal SAML SP modules possess an authentication and authorization bypass vulnerability. An attacker with access to an HTTP-request intercepting method is able to bypass authentication and authorization by removing the SAML Assertion Signatur...
Drupal Trust Management Issue Vulnerability
Drupal is an open source content management system developed in the PHP language by the Drupal community. A trust management issue vulnerability exists in Drupal SAML SP version 2.0. An attacker exploits the vulnerability to log in as any selected user...
Wrong items length assertion in basic order
Lines of code Vulnerability details When fulfilling a basic order we need to assert that the parameter totalOriginalAdditionalRecipients is less than or equal to the length of additionalRecipients written in calldata. However, in prepareBasicFulfillmentFromCalldata this assertion is incorrect L346: /...
openSUSE: Security Advisory for tiff (SUSE-SU-2022:1882-1)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SoX Denial of Service Vulnerability
SoX is a set of audio processing tools. SoX version 14.4.2 contains a denial of service vulnerability that results from an assertion failure in rateinit in rate.c in libsox.a. The vulnerability can be exploited to cause a denial of service. An attacker could exploit this vulnerability to cause a...
EulerOS 2.0 SP3 : libtiff (EulerOS-SA-2022-1739)
According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Null source pointer passed as an argument to memcpy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from 3.9.0 to 4.3.0...
libjpeg Denial of Service Vulnerability (CNVD-2022-77076)
libjpeg is a library written entirely in C that contains widely used implementations of JPEG decoding, JPEG encoding, and other JPEG functionality. libjpeg versions prior to 1.64 contain a denial-of-service vulnerability that stems from an assertion failure in BitStream in bitstream.hpp, which ca...
CVE-2022-31651
In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...
AZL-43648 CVE-2022-31651 affecting package sox 14.4.2.0-34
In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...
Authentication flaw
In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...
CVE-2022-31620
In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan...
UBUNTU-CVE-2022-31620
In libjpeg before 1.64, BitStream::Get in bitstream.hpp has an assertion failure that may cause denial of service. This is related to out-of-bounds array access during arithmetically coded lossless scan or arithmetically coded sequential scan...