CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2022/07/08 12:0 a.m.•24 views

EulerOS 2.0 SP9 : libsndfile (EulerOS-SA-2022-1970)

According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file via...

Tenable Nessus•added 2022/07/08 12:0 a.m.•39 views

EulerOS 2.0 SP9 : libsndfile (EulerOS-SA-2022-2000)

RedHat Linux•added 2022/07/07 2:19 p.m.•1 views

netty: control chars in header names may lead to HTTP request smuggling

A flaw was found in Netty, specifically in the netty-codec-http package. This flaw allows unauthorized control characters at the beginning and end of a request, does not follow the specification, and can cause HTTP request smuggling...

Tenable Nessus•added 2022/06/29 12:0 a.m.•34 views

Debian DLA-3058-1 : libsndfile - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3058 advisory. Two issues have been found in libsndfile, a library for reading/writing audio files. CVE-2017-12562 Due to a possible heap buffer overflow attack in an attacker...

9.8CVSS6.9AI score0.03978EPSS

Exploits1References7

BDU FSTEC•added 2022/06/27 12:0 a.m.•4 views

The vulnerability of the AV1 Video Extension codec, which stems from insufficient validation of input data, allows attackers to execute arbitrary code.

The vulnerability of the AV1 Video Extension codec is related to insufficient validation of input data. Exploiting this vulnerability can allow attackers to execute arbitrary code...

7.8CVSS7.7AI score0.02103EPSS

Exploits0References5Affected Software1

Tenable Nessus•added 2022/06/22 12:0 a.m.•39 views

EulerOS 2.0 SP8 : libsndfile (EulerOS-SA-2022-1936)

According to the versions of the libsndfile packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file vi...

OSV•added 2022/06/18 7:15 a.m.•2 views

UBUNTU-CVE-2014-125007

A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intrapred of the file libavcodec/hevcpredtemplate.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this...

5.5CVSS5.1AI score0.0063EPSS

Exploits0References4

Tenable Nessus•added 2022/06/17 12:0 a.m.•41 views

EulerOS 2.0 SP5 : libsndfile (EulerOS-SA-2022-1899)

RedHat Linux•added 2022/06/16 2:52 p.m.•4 views

netty: control chars in header names may lead to HTTP request smuggling

Amazon•added 2022/06/07 12:0 a.m.•53 views

Medium: python

Issue Overview: In Python3's Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP. CVE-2020-27619 The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parseqsl and urllib.parse.parseqs by using a vector called parameter cloaking. Wh...

9.8CVSS7.6AI score0.35963EPSS

Exploits4

RedHat Linux•added 2022/06/06 4:0 p.m.•1 views

netty: control chars in header names may lead to HTTP request smuggling

RedHat Linux•added 2022/06/06 3:54 p.m.•3 views

netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data

A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service...

7.5CVSS7.4AI score0.05651EPSS

RedHat Linux•added 2022/06/06 3:54 p.m.•3 views

netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way

A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service...

7.5CVSS7.3AI score0.0628EPSS

RedHat Linux•added 2022/06/06 3:54 p.m.•2 views

netty: control chars in header names may lead to HTTP request smuggling

RedHat Linux•added 2022/06/06 3:11 p.m.•7 views

netty: control chars in header names may lead to HTTP request smuggling

RedHat Linux•added 2022/06/06 3:11 p.m.•3 views

netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data

A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service...

7.5CVSS7.4AI score0.05651EPSS

Veracode•added 2022/06/03 3:45 p.m.•23 views

Denial Of Service (DoS)

libsndfile is vulnerable to denial of service. The vulnerability exists due to an out-of-bounds read in libsndfile's FLAC codec functionality allowing an attacker to crash the system by submitting a specially crafted file via tricking a user to open or otherwise to an application linked with...

7.1CVSS3.6AI score0.01754EPSS

Exploits1References9Affected Software1

RedHat Linux•added 2022/05/18 10:56 a.m.•3 views

netty: control chars in header names may lead to HTTP request smuggling