41 matches found
Astra Linux - уязвимость в libvpx
There are integer overflows in the libvpx library in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may lead to integer overflows in the calculations of buffer sizes and offsets, and some fields of the returned vpximaget struct may become invali...
RLSA-2023:5537 Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 libvpx: crash related to VP9 encoding in libvp...
libvpx security update
An update is available for libvpx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvpx packages provide the VP8 SDK, which allows the encoding and decodi...
Security Bulletin: Vulnerabilities in commons-codec-1.11.jar affecting MongoDB Enterprised Advanced (CVE-2020-15250, CVE-2025-48924)
Summary There are 2 vulnerabilities in commons-codec-1.11.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2020-15250, CVE-2025-48924. The vulnerabilities have been addressed. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attack...
UBUNTU-CVE-2026-2447
Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...
CVE-2025-58480
The CVE-2025-58480 entry describes a heap-based buffer overflow in Samsung’s libimagecodec.quram.so used by the JPEG decoding path. The issue arises in the decoder component and allows remote attackers to access out-of-bounds memory, with documented PoC showing a crafted JPEG could trigger a cras...
CVE-2025-58479
CVE-2025-58479 concerns an out-of-bounds read in libimagecodec.quram.so. Connected documents show a PoC demonstrating an out-of-bounds read/write in Samsung QuramDng image parsing, triggered by a malformed DNG embedded in a JPEG, leading to memory corruption and potential crashes on Samsung devic...
CVE-2025-58479
Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...
EUVD-2025-200139
Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...
CVE-2025-58478
Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...
EUVD-2025-200141
Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...
PT-2025-48595
Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory...
CVE-2025-21075
Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory...
CVE-2025-21074
Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory...
CVE-2025-21074
Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory...
CVE-2025-21074
Out-of-bounds read in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory...
EUVD-2025-33677
Out-of-bounds read and write in libimagecodec.quram.so prior to SMR Oct-2025 Release 1 allows remote attackers to access out-of-bounds memory...
CVE-2025-21055
CVE-2025-21055 concerns an out-of-bounds read/write in Samsung’s QuramDNG codec library, specifically the shared object libimagecodec.quram.so. The root cause is memory boundary violations when processing certain image data, enabling a remote attacker to access memory outside the intended buffers...
CVE-2025-21042
Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2025 Release 1 allows remote attackers to execute arbitrary code...
EUVD-2025-29028
Out-of-bounds write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to execute arbitrary code...