Lucene search
+L

73 matches found

veracode
veracode
added 2023/02/27 9:12 p.m.22 views

Denial Of Service (DoS)

tar is vulnerable to Denial Of Service DoS. The vulnerability exists due to the one-byte out-of-bounds read that results in the use of uninitialized memory for a conditional jump, allowing an attacker to cause an application crash through the fromheader in list.c via a V7 archive in which mtime h...

5.5CVSS7.3AI score0.04524EPSS
Exploits1References11Affected Software2
nessus
nessus
added 2023/02/18 12:0 a.m.26 views

SUSE SLES12 Security Update : tar (SUSE-SU-2023:0441-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0441-1 advisory. - CVE-2022-48303: Fixed a one-byte out-of-bounds read that resulted in use of uninitialized memory for a conditional jump bsc1207753. Tenabl...

5.5CVSS6.7AI score0.04524EPSS
Exploits1References4
susecve
susecve
added 2023/02/15 4:12 a.m.4 views

SUSE CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

3.3CVSS6.8AI score0.03044EPSS
Exploits1References8
snyk
snyk
added 2023/01/31 9:19 a.m.1 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds in fromheader via a V7 archive in which mtime have approximately 11 whitespace characters. It results in the use of uninitialized memory for a conditional jump. Remediation A fix was pushed into the master branch but not y...

8.6CVSS6.9AI score0.04524EPSS
Exploits1References2
osv
osv
added 2023/01/30 4:15 a.m.36 views

CVE-2022-48303

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

5.5CVSS5AI score
Exploits0References4
debiancve
debiancve
added 2023/01/30 12:0 a.m.84 views

CVE-2022-48303

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximately 11 whitespace...

5.5CVSS6.5AI score0.04524EPSS
Exploits1
cnnvd
cnnvd
added 2023/01/30 12:0 a.m.2 views

GNU Tar 缓冲区错误漏洞

GNU Tar is a set of tools for creating tar-formatted files from the American GNU community. A security vulnerability exists in GNU Tar versions 1.34 and earlier, which stems from the presence of a single-byte out-of-bounds read that results in a conditional jump using uninitialized memory...

5.5CVSS6.6AI score0.04524EPSS
Exploits1References18
redhatcve
redhatcve
added 2020/06/18 4:55 p.m.36 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

6.8CVSS3AI score0.02024EPSS
Exploits1References3
openvas
openvas
added 2020/01/23 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for wavpack (EulerOS-SA-2019-2122)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.03044EPSS
Exploits1References2
nvd
nvd
added 2019/09/05 4:15 p.m.26 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

8.8CVSS8.7AI score0.02024EPSS
Exploits1References3
osv
osv
added 2019/09/05 4:15 p.m.22 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

8.8CVSS6.7AI score
Exploits0References3
prion
prion
added 2019/09/05 4:15 p.m.19 views

Design/Logic Flaw

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

6.8CVSS8.6AI score0.02024EPSS
Exploits1References3Affected Software1
ubuntucve
ubuntucve
added 2019/09/05 4:15 p.m.33 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

8.8CVSS7.2AI score0.02024EPSS
Exploits1References3
debiancve
debiancve
added 2019/09/05 3:38 p.m.47 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

8.8CVSS8.3AI score0.02024EPSS
Exploits1
cve
cve
added 2019/09/05 3:38 p.m.172 views

CVE-2019-15942

CVE-2019-15942 affects FFmpeg up to version 4.2. The vulnerability is a condition/branch issue in the H.264 parser (libavcodec/h2645_parse.c) where alloc_rbsp_buffer mishandles rbsp_buffer, resulting in a numeric/conditional jump based on an uninitialized value. This can lead to a crash under cra...

8.8CVSS8.4AI score0.02024EPSS
Exploits1References3Affected Software1
cvelist
cvelist
added 2019/09/05 3:38 p.m.36 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

8.6AI score0.02024EPSS
Exploits1References3
alpinelinux
alpinelinux
added 2019/09/05 3:38 p.m.52 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

8.8CVSS8.7AI score0.02024EPSS
Exploits1
nvd
nvd
added 2019/04/24 5:29 a.m.21 views

CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

6.5CVSS6.2AI score0.03044EPSS
Exploits1References9
osv
osv
added 2019/04/24 5:29 a.m.2 views

ALPINE-CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

6.5CVSS6.8AI score0.03044EPSS
Exploits1References1
debiancve
debiancve
added 2019/04/24 4:3 a.m.29 views

CVE-2019-11498

WavpackSetConfiguration64 in packutils.c in libwavpack.a in WavPack through 5.1.0 has a "Conditional jump or move depends on uninitialised value" condition, which might allow attackers to cause a denial of service application crash via a DFF file that lacks valid sample-rate data...

6.5CVSS5.6AI score0.03044EPSS
Exploits1
Rows per page
Query Builder