Lucene search
3143 matches found

OSV
added 2021/01/26 6:15 p.m., 4 views

CVE-2020-0236

In A2DPGetCodecType of a2dpcodecconfig, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android, Versions: Android-10...

CVSS 7.5, AI score 7.2, EPSS 0.0077
Exploits: 0, References: 1
BDU FSTEC
added 2021/01/26 12:0 a.m., 3 views

The vulnerability of the HEVC Video Extension codec, which arises due to insufficient validation of input data, allows attackers to execute arbitrary code.

The vulnerability of the HEVC Video Extension codec exists due to insufficient checks on input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 10, AI score 7.6, EPSS 0.03889
Exploits: 0, References: 3
CNNVD
added 2021/01/26 12:0 a.m., 6 views

Google Android Buffer Error Vulnerability

Google Android is a Linux-based open source operating system from Google and the Open Handheld Consortium. An input validation error vulnerability exists in A2DPGetCodecType for Google Android, which arises from the possibility that a program could read out-of-bounds due to improper input...

CVSS 7.5, AI score 7.2, EPSS 0.0077
Exploits: 0, References: 2
Tenable Nessus
added 2021/01/25 12:0 a.m., 23 views

openSUSE Security Update : blosc (openSUSE-2020-2337)

This update for blosc fixes the following issues : Update to version 1.20.1 boo1179914 CVE-2020-29367 : - More safety checks have been implemented so that potential flaws discovered by new fuzzers in OSS-Fuzzer are fixed now - BloscLZ updated to 2.3.0. Expect better compression ratios for faster...

CVSS 9.3, AI score 7.6, EPSS 0.01176
Exploits: 0, References: 4
Tenable Nessus
added 2021/01/20 12:0 a.m., 38 views

EulerOS 2.0 SP3 : python (EulerOS-SA-2021-1114)

According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP. CVE-2020-27619 -...

CVSS 9.8, AI score 7.3, EPSS 0.08235
Exploits: 1, References: 3
Citrix
added 2021/01/19 12:0 a.m., 5 views

Receiver upgrade on VDA to Citrix Workspace App will cause Grey Output from Webcam

In this scenario, the VDA 7.15 CU3 comes with Receiver 4.12 in the original installation. However, due to a security concern, the Receiver needed to be updated to Citrix Workspace 1912. After the update, when using the webcam, the camera is detected, but instead of the image, only a grey field is...

AI score 7
Exploits: 0
BDU FSTEC
added 2021/01/13 12:0 a.m., 1 views

The vulnerability of the Opus audio codec in browsers like Firefox, Firefox ESR, and the email client Thunderbird allows a hacker to trigger a service failure.

The vulnerability of the Opus audio codec in browsers like Firefox, Firefox ESR, and the email client Thunderbird is related to reading data from memory beyond the buffer boundaries. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

CVSS 9.4, AI score 7.3, EPSS 0.03146
Exploits: 1, References: 17, Affected Software: 10
OpenVAS
added 2021/01/11 12:0 a.m., 20 views

Fedora: Security Advisory for flac (FEDORA-2021-df42ebeac2)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 4.3, AI score 5.1, EPSS 0.03964
Exploits: 0, References: 2
Fedora
added 2021/01/10 1:28 a.m., 85 views

[SECURITY] Fedora 33 Update: flac-1.3.3-4.fc33

FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, flac, a command-line program to encode and decode FLAC files, metaflac, a command-line...

CVSS 4.3, AI score 4, EPSS 0.03964
Exploits: 0
vulnersOsv
added 2021/01/07 12:0 p.m., 4 views

av-codec (>=0.1.0 <=0.2.1), av-format (>=0.1.0 <=0.3.0) +3 more potentially affected by CVE-2021-25904 via av-data (>=0.1.0 <=0.2.2)

av-data CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.1 - libaom =0.2.0 - libvpx =0.1.0 Source cves: CVE-2021-25904 Source advisory: OSV:RUSTSEC-2021-0007...

CVSS 7.5, AI score 7.1, EPSS 0.01327
Exploits: 1
Ubuntu
added 2021/01/06 1:24 p.m., 119 views

USN-4682-1: WavPack vulnerability

It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash...

CVSS 6.1, AI score 7.2, EPSS 0.01196
Exploits: 1
Tenable Nessus
added 2021/01/05 12:0 a.m., 19 views

EulerOS Virtualization for ARM 64 3.0.2.0 : augeas (EulerOS-SA-2021-1042)

According to the versions of the augeas package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The Opus codec is designed for interactive speech and audio transmission over the Internet. It is designed by the IETF...

CVSS 9.8, AI score 7.7, EPSS 0.05002
Exploits: 0, References: 3
OSV
added 2021/01/04 2:15 a.m., 2 views

DEBIAN-CVE-2020-35965

decodeframe in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations...

CVSS 7.5, AI score 7.1, EPSS 0.02263
Exploits: 1, References: 1
NVD
added 2020/12/31 9:15 a.m., 19 views

CVE-2020-35902

An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed...

CVSS 9.8, AI score 9.5, EPSS 0.01629
Exploits: 1, References: 1
OSV
added 2020/12/31 9:15 a.m., 13 views

CVE-2020-35902

An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed...

CVSS 9.8, AI score 7.2
Exploits: 0, References: 1
Prion
added 2020/12/31 9:15 a.m., 12 views

Design/Logic Flaw

An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed...

CVSS 7.5, AI score 9.4, EPSS 0.01629
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2020/12/31 8:22 a.m., 20 views

CVE-2020-35902

An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed...

AI score 9.5, EPSS 0.01629
Exploits: 1, References: 1
CVE
added 2020/12/31 8:22 a.m., 50 views

CVE-2020-35902

CVE-2020-35902 affects the actix-codec crate prior to 0.3.0-beta.1 for Rust, with a use-after-free in Framed caused by lack of proper pinning. The issue is documented in RUSTSEC-2020-0049 and various feeds (Red Hat, OSV, GHSA). Impact is reflected in CVSS metrics (up to Critical in v3.1, HIGH in ...

CVSS 9.8, AI score 9.4, EPSS 0.01629
Exploits: 1, References: 1, Affected Software: 1
CNNVD
added 2020/12/31 12:0 a.m., 3 views

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust actix-codec crate before 0.3.0-beta.1, which stems from having a use-after-free framework...

CVSS 9.8, AI score 5.8, EPSS 0.01629
Exploits: 1, References: 2
OSV
added 2020/12/29 11:57 a.m., 7 views

MGASA-2020-0477 Updated python3 packages fix security vulnerability

In Python 3 through 3.9.0, the Lib/test/multibytecodecsupport.py CJK codec tests call eval on content retrieved via HTTP CVE-2020-27619...

CVSS 9.8, AI score 9.5, EPSS 0.08235
Exploits: 0, References: 3