SUSE CVE-2018-6912

The decodeplane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service out of array read via a crafted AVI file...

SUSE CVE-2018-10001

The decodeinit function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service out of array read via an AVI file...

SUSE CVE-2019-12454

An issue was discovered in wcd9335codecenabledec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdupnul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a vulnerability...

SUSE CVE-2020-11524

libfreerdp/codec/interleaved.c in FreeRDP versions 1.0 through 2.0.0-rc4 has an Out-of-bounds Write...

SUSE CVE-2020-27619

In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP...

SUSE CVE-2021-4156

An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file via tricking a user to open or otherwise to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most...

codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS

A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service DoS...

Ubuntu 20.04 LTS / 22.04 LTS : WebKitGTK vulnerabilities (USN-5867-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5867-1 advisory. Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website,...

Debian: Security Advisory (DSA-5346-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5346-1] libde265 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5346-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 10, 2023 https://www.debian.org/security/faq -...

heap-buffer-overflow in function gf_m2ts_process_tdt_tot media_tools/mpegts.c

Version ./MP4Box -version MP4Box - GPAC version 2.3-DEV-rev40-g3602a5ded-master c 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Please cite our work in your research: GPAC Filters: https://doi.org/10.1145/3339825.3394929 GPAC: https://doi.org/10.1145/1291233.1291452 GPAC...

codec-haproxy: HAProxyMessageDecoder Stack Exhaustion DoS

A flaw was found in codec-haproxy from the Netty project. This flaw allows an attacker to build a malformed crafted message and cause infinite recursion, causing stack exhaustion and leading to a denial of service DoS...

Fedora 37 : webkitgtk (2023-5210df1dd1)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5210df1dd1 advisory. Improve GStreamer multimedia playback across the board with improved codec selection logic, better handling of latency, and improving frame discard ...

Debian: Security Advisory (DLA-3280-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3280-1] libde265 security update

Debian LTS Advisory DLA-3280-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost January 24, 2023 https://wiki.debian.org/LTS Package : libde265 Version : 1.0.3-1+deb10u2 CVE ID : CVE-2020-21596 CVE-2020-21597 CVE-2020-21598 CVE-2022-43235 CVE-2022-43236 CVE-2022-43237...

openSUSE 15 Security Update : netty (SUSE-SU-2022:1315-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:1315-1 advisory. - Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers &...

GO-2023-1269 Panic in encoding in github.com/ipld/go-ipld-prime

Encoding data using the 'json' codec which contains a 'Bytes' type Node will cause the encoder to panic. The decoder is not impacted. If the codec is used to encode user supplied data, this may be used as a vector for a denial of service attack...

OPENSUSE-SU-2023:0019-1 Security update for libheimdal

This update for libheimdal fixes the following issues: Update to version 7.8.0 - CVE-2022-42898 PAC parse integer overflows - CVE-2022-3437 Overflows and non-constant time leaks in DES,3 and arcfour - CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array - CVE-2021-44758 A nu...

Denial Of Service (DoS)

github.com/ipld/go-ipld-prime is vulnerable to denial of service. The vulnerability exists because the Marshal function of marshal.go does not properly encode plain JSON codec into bytes or links, allowing an attacker to cause an application crash. This only affects the "json" codec; the "dag-jso...

FreeBSD : cassandra3 -- multiple vulnerabilities (53caf29b-9180-11ed-acbe-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 53caf29b-9180-11ed-acbe-b42e991fc52e advisory. - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI...