Astra Linux - уязвимость в libstb

It was discovered that stbimage.h v2.27 contains an integer overflow vulnerability through the stbijpegdecodeblockprogdc function. This vulnerability allows attackers to cause a Denial of Service DoS attack through unspecified vectors...

Astra Linux – Vulnerability in libstb

It was discovered that STB v2.27 contains an integer shift of invalid size in the component stbijpegdecodeblockprogac...

[SECURITY] [DLA 4493-1] libstb security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4493-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA February 26, 2026 https://wiki.debian.org/LTS -...

EUVD-2022-32534

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-29421

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3decodeblock. CVE-2023-29421 Note that Nessus relies on the...

PT-2024-40722 · Exiv2 · Exiv2

Name of the Vulnerable Software and Affected Versions: Exiv2 affected versions not specified Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the Exiv2::AsfVideo::GUIDTag::GUIDTag, Exiv2::AsfVideo::streamProperties, and...

DEBIAN-CVE-2023-29419

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3decodeblock out-of-bounds read...

DEBIAN-CVE-2023-29421

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3decodeblock...

UBUNTU-CVE-2023-29416

An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3decodeblock out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais...

PT-2023-22249 · Bzip3 · Bzip3

Name of the Vulnerable Software and Affected Versions: bzip3 versions prior to 1.2.3 Description: An issue was discovered in libbzip3.a. There is an out-of-bounds write in the bz3 decode block function. Recommendations: For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the...

PT-2023-22248 · Bzip3 · Bzip3

Name of the Vulnerable Software and Affected Versions: bzip3 versions prior to 1.2.3 Description: An issue was discovered in libbzip3.a. There is a crash caused by an invalid memmove in bz3 decode block. Recommendations: For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the...

SUSE CVE-2016-6920

Heap-based buffer overflow in the decodeblock function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service application crash via vectors involving tile positions...

SUSE CVE-2017-6832

Heap-based buffer overflow in the decodeBlock in MSADPCM.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0, 0.2.7 allows remote attackers to cause a denial of service crash via a crafted file...

SUSE CVE-2017-7865

FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideodecodeblockopcode0xA function in libavcodec/interplayvideo.c and the avcodecaligndimensions2 function in libavcodec/utils.c...

SUSE CVE-2018-18828

There exists a heap-based buffer overflow in vc1decodeiblockadv in vc1block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file...

SUSE CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

The vulnerability in the `QuickTimeVideo::decodeBlock` function of the `quicktimevideo.cpp` file in the library and command-line utilities for managing image metadata from Exiv2 allows a attacker to perform a denial-of-service attack.

The vulnerability in the QuickTimeVideo::decodeBlock function of the quicktimevideo.cpp file in the library and command-line utilities for managing image metadata in Exiv2 is related to pointer aliasing errors. Exploiting this vulnerability could allow an attacker to trigger a denial-of-service...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the stbijpegdecodeblockprogdc function. Remediation There is no fixed version for stb. References - GitHub Issue - GitHub PR Credit: Pietro Borrello...

CVE-2022-28048

STB v2.27 was discovered to contain an integer shift of invalid size in the component stbijpegdecodeblockprogac...

DEBIAN-CVE-2022-28041

stbimage.h v2.27 was discovered to contain an integer overflow via the function stbijpegdecodeblockprogdc. This vulnerability allows attackers to cause a Denial of Service DoS via unspecified vectors...