3143 matches found
Debian dla-3176 : clickhouse-client - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3176 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3176-1 [email protected]...
kernel: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error
In the Linux kernel, the following vulnerability has been resolved: ASoC: rt711-sdca: fix kernel NULL pointer dereference when IO error The initial settings will be written before the codec probe function. But, the rt711-component doesn't be assigned yet. If IO error happened during initial...
Amazon Linux 2022 : libsndfile, libsndfile-devel, libsndfile-utils (ALAS2022-2022-175)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-175 advisory. An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file via tricking a user to open or otherwise to an application linke...
Debian dla-3178 : ffmpeg - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3178 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3178-1 [email protected] https://www.debian.org/lts/security/...
netty: control chars in header names may lead to HTTP request smuggling
A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling...
netty: control chars in header names may lead to HTTP request smuggling
A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling...
netty: control chars in header names may lead to HTTP request smuggling
A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling...
Security Bulletin: Vulnerability in Apache Commons Codec 1.7 shipped with IBM Operations Analytics - Log Analysis
Summary Vulnerability in Apache Commons Codec 1.7 could allow a remote attacker to obtain sensitive information. Vulnerability Details IBM X-Force ID: 177835 DESCRIPTION: Apache Commons Codec could allow a remote attacker to obtain sensitive information, caused by the improper validation of input...
DEBIAN-CVE-2022-43241
Libde265 v1.0.8 was discovered to contain an unknown crash via ffhevcputhevcqpelv38sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...
Libde265 安全漏洞
Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.0.8, which stems from ffhevcputhevcqpelh3v3sse in sse-motion.cc contains an unknown crash that can be exploited by an attacker to cause a denial of service DoS via a crafted video file...
EulerOS 2.0 SP3 : libsndfile (EulerOS-SA-2022-2620)
According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file via...
Huawei EulerOS: Security Advisory for libsndfile (EulerOS-SA-2022-2570)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2022-7253 · Libde265 +4 · Libde265 +4
Name of the Vulnerable Software and Affected Versions: Libde265 versions 1.0.8 Description: The issue is related to a heap-buffer-overflow vulnerability via the ff hevc put weighted pred avg 8 sse function in sse-motion.cc. This allows attackers to cause a Denial of Service DoS via a crafted vide...
EulerOS Virtualization 3.0.6.0 : libsndfile (EulerOS-SA-2022-2570)
According to the versions of the libsndfile packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially...
Huawei EulerOS: Security Advisory for libsndfile (EulerOS-SA-2022-2513)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.6 : libsndfile (EulerOS-SA-2022-2513)
According to the versions of the libsndfile package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially...
netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way
A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service...
Important: Red Hat Security Advisory: Service Registry (container images) release and security update [2.3.0.GA]
An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact o...
netty: control chars in header names may lead to HTTP request smuggling
A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling...
Debian dla-3126 : libsndfile1 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3126 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3126-1 [email protected] https://www.debian.org/lts/security/...