netty-codec-http: Allocation of Resources Without Limits or Throttling

A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until ...

DEBIAN-CVE-2021-47502

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd934x: handle channel mappping list correctly Currently each channel is added as list to dai channel list, however there is danger of adding same channel to multiple dai channel list which endups corrupting the...

CVE-2024-5168

Improper access control vulnerability in Prodys' Quantum Audio codec affecting versions 2.3.4t and below. This vulnerability could allow an unauthenticated user to bypass authentication entirely and execute arbitrary API requests against the web application...

CVE-2024-5168 Improper access control vulnerability in Prodys Quantum Audio codec

Improper access control vulnerability in Prodys' Quantum Audio codec affecting versions 2.3.4t and below. This vulnerability could allow an unauthenticated user to bypass authentication entirely and execute arbitrary API requests against the web application...

CVE-2024-5168 Improper access control vulnerability in Prodys Quantum Audio codec

Improper access control vulnerability in Prodys' Quantum Audio codec affecting versions 2.3.4t and below. This vulnerability could allow an unauthenticated user to bypass authentication entirely and execute arbitrary API requests against the web application...

kernel: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in sndac97mixer smatch error: sound/pci/ac97/ac97codec.c:2354 sndac97mixer error: we previously assumed 'rac97' could be null see line 2072 remove redundant assignment, return error if...

CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

DEBIAN-CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

UBUNTU-CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

CVE-2023-52736

The CVE-2023-52736 entry concerns the Linux kernel ALSA HDA stack. The vulnerability arises from how ASoC codec drivers reuse hda_codec_driver_probe/remove() from hda_bind.c and how snd_hda_codec_cleanup_for_unbind() unsets the preset. Preset is assigned once during device/driver matching, but AS...

CVE-2023-52736 ALSA: hda: Do not unset preset when cleaning up codec

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

CVE-2023-52736 ALSA: hda: Do not unset preset when cleaning up codec

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

CVE-2023-52736

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Do not unset preset when cleaning up codec Several functions that take part in codec's initialization and removal are re-used by ASoC codec drivers implementations. Drivers mimic the behavior of...

UBUNTU-CVE-2024-35921

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix oops when HEVC init fails The stateless HEVC decoder saves the instance pointer in the context regardless if the initialization worked or not. This caused a use after free, when the pointer is freed i...

CVE-2023-52697

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdwrtsdcajackcommon: ctx-headsetcodecdev = NULL sofsdwrtsdcajackexit are used by different codecs, and some of them use the same dai name. For example, rt712 and rt713 both use "rt712-sdca-aif1" and...

Security Bulletin: An IBM QRadar SIEM ArielRESTAPI protocol is vulnerable to Improper Validation (177835)

Summary The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal and is vulnerable to improper validation of input. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtai...

Medium: freerdp

Issue Overview: FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in freerdpbitmapplanarcontextreset leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are n...

PT-2024-40776 · Libvpx · Libvpx

Name of the Vulnerable Software and Affected Versions: libvpx affected versions not specified Description: The issue is related to a crash caused by a use-of-uninitialized-value error. The crash occurs in the vpx codec peek stream info function, as reported by the OSS-Fuzz tool. Recommendations: ...

netty-codec-http: Allocation of Resources Without Limits or Throttling

A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until ...