8 matches found
CVE-2025-66199
Issue summary: A TLS 1.3 connection using certificate compression can be forced to allocate a large buffer before decompression without checking against the configured certificate size limit. Impact summary: An attacker can cause per-connection memory allocations of up to approximately 22 MiB and...
The vulnerability of the VP9 video compression extension lies in its insufficient protection of service data, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the VP9 video compression extension lies in the insufficient protection of service data. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information by downloading a specially created malicious file...
SUSE-SU-2022:2314-1 Security update for rsyslog
This update for rsyslog fixes the following issues: - CVE-2022-24903: fix potential heap buffer overflow in modules for TCP syslog reception bsc1199061 Upgrade to rsyslog 8.2106.0 bsc1188039 NOTE: the prime new feature is support for TLS and non-TLS connections via imtcp in parallel. Furthermore,...
The vulnerability of the VP9 video compression extension lies in improper code generation, which allows an attacker to execute arbitrary code.
The vulnerability of the VP9 video compression extension lies in improper code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted request...
The vulnerability of the VP9 video compression extension lies in improper code generation, which allows an attacker to execute arbitrary code.
The vulnerability of the VP9 video compression extension lies in improper code generation. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted request...
The vulnerability of the VP9 video compression extension lies in its information disclosure feature, which allows attackers to access confidential information.
The vulnerability of the VP9 video compression extension relates to the disclosure of information. Exploiting this vulnerability may allow an attacker to access confidential information...
The vulnerability of the VP9 video compression extension lies in improper code generation, which allows an attacker to execute arbitrary code.
The vulnerability of the VP9 video compression extension lies in improper code generation. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
CVE-2021-21419
Eventlet is a concurrent networking library for Python. A websocket peer may exhaust memory on Eventlet side by sending very large websocket frames. Malicious peer may exhaust memory on Eventlet side by sending highly compressed data frame. A patch in version 0.31.0 restricts websocket frame to...