PT-2021-8087 · Heimdal +7 · Heimdal +7

Name of the Vulnerable Software and Affected Versions: Heimdal versions prior to 7.7.1 Description: The issue is related to an invalid free in the ASN.1 codec used by the Key Distribution Center KDC, which can be exploited by remote attackers to execute arbitrary code. This can also lead to...

Huawei Emui and Magic UI codec detection module memory leak vulnerability

Huawei Emui, a mobile operating system developed on Android, and Magic Ui, a mobile operating system developed on Android, are vulnerable to a memory leak in the Huawei Emui and Magic UI codec detection modules. An attacker could exploit the vulnerability to cause the device to run out of memory...

CVE-2021-37046

There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion...

CVE-2021-37046

There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion...

Memory corruption

There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion...

CVE-2021-37046

Public technical details (affected products, specific versions, root cause, and fixes) are not provided in the supplied documents. Monitor for updates from official advisories for Huawei devices and EMUI/Magic UI codecs.

CVE-2021-37046

There is a Memory leak vulnerability with the codec detection module in Huawei Smartphone.Successful exploitation of this vulnerability may cause the device to restart due to memory exhaustion...

Aom 代码问题漏洞

Aom is a next-generation open-source digital media technology for everyone organized by the Alliance For Open Media AOM. A security vulnerability exists in AOM version 2.0.1, which stems from the presence of a dereferenced NULL pointer in component av1/av1dxiface.c. The vulnerability is caused by...

netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data

A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service...

Speex Dezero Error Vulnerability

Speex is an open source audio codec. version 1.2 of Speex is vulnerable to a divide by zero error in the static int readsamples function. An attacker can exploit the vulnerability to cause a denial of service via a specially crafted WAV file...

CVE-2020-23890

A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service DoS via a crafted JPG file. Related to Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at JPGCodec+0x753648...

Moderate: Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.1.5 security update

An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more...

PT-2021-23611 · Unknown +2 · Clickhouse +1

Name of the Vulnerable Software and Affected Versions: Clickhouse affected versions not specified Description: The issue is related to a divide-by-zero error in Clickhouse's Delta compression codec. This error occurs when parsing a malicious query, where the first byte of the compressed buffer is...

PT-2021-23612 · Unknown +2 · Clickhouse +1

Name of the Vulnerable Software and Affected Versions: Clickhouse affected versions not specified Description: The issue is related to a divide-by-zero error in Clickhouse's DeltaDouble compression codec. This occurs when parsing a malicious query, where the first byte of the compressed buffer is...

PT-2021-23613 · Unknown +2 · Clickhouse +1

Name of the Vulnerable Software and Affected Versions: ClickHouse affected versions not specified Description: The issue is related to a divide-by-zero error in ClickHouse's Gorilla compression codec. This occurs when parsing a malicious query, where the first byte of the compressed buffer is use...

CVE-2021-42391

Divide-by-zero in ClickHouse's Gorilla compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. JFrog Security Research Team...

CVE-2021-42390

Divide-by-zero in ClickHouse's DeltaDouble compression codec when parsing a malicious query. The first byte of the compressed buffer is used in a modulo operation without being checked for 0. JFrog Security Research Team...

Security Bulletin: IBM Cognos Analytics with Watson 11.2.1 has addressed multiple vulnerabilities

Summary Security vulnerabilities have been addressed in IBM Cognos Analytics with Watson 11.2.1 Vulnerability Details CVEID: CVE-2017-12620 DESCRIPTION: Apache OpenNLP could allow a remote attacker to obtain sensitive information, caused by an XXE attack when loading models or dictionaries that...

SELA Heap Buffer Overflow Vulnerability (CNVD-2021-73936)

SELA is a lossless audio codec. file::SelaFile::readFromFile in selafile.c in SELA 20200412 and earlier versions is vulnerable to a heap buffer overflow. No detailed vulnerability details are available at this time...

SELA null pointer dereference vulnerability (CNVD-2021-73934)

SELA is a lossless audio codec. A null pointer dereference vulnerability exists in the file::WavFile::WavFile function in wavfile.c in SELA 20200412 and earlier versions. An attacker could exploit this vulnerability to cause a denial of service...