
118 matches found

Positive Technologies
added 2024/07/10 12:0 a.m. | 4 views

PT-2024-18936 · Audify · Audify

Name of the Vulnerable Software and Affected Versions: audify versions all Description: The issue arises from improper validation of array index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions, as it is not checked for negative values. This can le...

CVSS 8.7 | AI score 6.9 | EPSS 0.00611
Exploits: 0 | References: 12

SUSE CVE
added 2024/07/03 3:17 a.m. | 1 views

SUSE CVE-2024-37298

gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...

CVSS 7.5 | AI score 8.7 | EPSS 0.01096
Exploits: 0 | References: 5

Positive Technologies
added 2024/04/12 12:0 a.m. | 9 views

PT-2024-13203 · Cobham · Cobham Sailor Vsat Ku

Name of the Vulnerable Software and Affected Versions: Cobham SAILOR VSAT Ku version 164B019 Description: The issue is related to a Cross Site Scripting XSS vulnerability, which allows a remote attacker to execute arbitrary code via a crafted script to the c set rslog decode function in the acu w...

CVSS 6.1 | AI score 6.9 | EPSS 0.00538
Exploits: 1 | References: 3

Positive Technologies
added 2024/03/05 12:0 a.m. | 2 views

PT-2024-40053 · Eth Abi · Eth Abi

Name of the Vulnerable Software and Affected Versions: eth-abi affected versions not specified Description: The issue is related to a recursive pointer problem. It can cause an OverflowError when decoding a specially crafted payload using the decode function from the eth abi module. The error...

AI score 7.6
Exploits: 0 | References: 4

OSV
added 2024/02/29 1:42 a.m. | 12 views

CVE-2023-51773

BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacapp_decode_application_data in bacapp.c...

CVSS 9.1 | AI score 7.3
Exploits: 0 | References: 5

NVD
added 2024/02/29 1:42 a.m. | 10 views

CVE-2023-51773

BACnet Stack before 1.3.2 has a decode function APDU buffer over-read in bacapp_decode_application_data in bacapp.c...

CVSS 9.1 | AI score 6.8 | EPSS 0.01053
Exploits: 0 | References: 5

Snyk
added 2024/02/20 2:13 p.m. | 2 views

Improper Validation of Array Index

Overview audify is a Play/Stream/Record PCM audio data & Encode/Decode Opus to PCM audio data Affected versions of this package are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions it is not checked...

CVSS 7.5 | AI score 6.9 | EPSS 0.00611
Exploits: 0 | References: 2

CVE
added 2023/12/25 12:0 a.m. | 32 views

CVE-2023-51773

BACnet Stack before 1.3.2 is affected by a decode function APDU buffer over-read in bacapp_decode_application_data (bacapp.c). The vulnerability affects BACnet Stack prior to version 1.3.2 and can impact confidentiality and availability due to a buffer over-read. No explicit exploitation details ...

CVSS 9.1 | AI score 7 | EPSS 0.01053
Exploits: 0 | References: 5 | Affected Software: 1

Positive Technologies
added 2023/11/24 12:0 a.m. | 3 views

PT-2023-33060 · Unknown +1 · Ethereum Abi Decoder +1

Name of the Vulnerable Software and Affected Versions: Ethereum ABI decoder affected versions not specified Description: A potential denial-of-service DoS vector exists in the Ethereum ABI decoder due to the specification allowing zero-sized-types ZST. This can cause excessive resource consumptio...

CVSS 4.3 | AI score 6.9
Exploits: 0 | References: 3

BDU FSTEC
added 2023/11/11 12:0 a.m. | 4 views

The vulnerability of the yajl_string_decode function in the yajl_encode.c component of the YAJL-ruby library allows an attacker to cause a service failure.

The vulnerability of the yajl_string_decode function in the yajl_encode.c component of the YAJL-ruby library is related to insufficient processing of the format string. Exploiting this vulnerability could allow a malicious actor to cause a service failure by using a specially created JSON file...

CVSS 7.8 | AI score 7.1 | EPSS 0.03766
Exploits: 1 | References: 14 | Affected Software: 8

OSV
added 2023/09/29 6:15 a.m. | 5 views

AZL-30056 CVE-2023-44466 affecting package kernel for versions less than 5.15.135.1-2

An issue was discovered in net/ceph/messengerv2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in cephdecode32...

CVSS 8.8 | AI score 7.7 | EPSS 0.54577
Exploits: 1 | References: 1

Positive Technologies
added 2023/09/26 12:0 a.m. | 3 views

PT-2023-28356 · Vyper · Vyper

Name of the Vulnerable Software and Affected Versions: Vyper versions prior to 0.3.10 Description: The abi decode function in Vyper does not validate input when it is nested in an expression, allowing for bounds checking to be bypassed and resulting in incorrect results. This can be triggered by...

CVSS 7.5 | AI score 7.4 | EPSS 0.00554
Exploits: 1 | References: 9

ATTACKERKB
added 2023/08/17 7:15 p.m. | 1 views

CVE-2023-38905

SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PGSleep, DBMSLock.Sleep, Waitfor, DECODE, and DBMSPIPE.RECEIVEMESSAGE functions...

CVSS 5.5 | AI score 5.8 | EPSS 0.00277
Exploits: 1 | References: 3

Veracode
added 2023/07/31 7:34 a.m. | 22 views

Improper Neutralization

getkirby/cms is vulnerable to Improper Neutralization. The vulnerability exists in the decode function at Txt.php due to a field injection bug in the content storage implementation which allows an attacker to inject malicious data or code...

CVSS 8.8 | AI score 7.1 | EPSS 0.00799
Exploits: 0 | References: 11 | Affected Software: 1

Positive Technologies
added 2023/07/25 12:0 a.m. | 5 views

PT-2023-26794 · Gnu +3 · Gdb +3

Name of the Vulnerable Software and Affected Versions: GNU gdb GDB version 13.0.50.20220805-git Description: A stack overflow issue was discovered in the function ada decode at /gdb/ada-lang.c. This issue affects the GNU gdb GDB debugger. Recommendations: For GNU gdb GDB version...

CVSS 6.5 | AI score 5.8 | EPSS 0.00895
Exploits: 2 | References: 29

BDU FSTEC
added 2023/07/20 12:0 a.m. | 1 views

The vulnerability of the ezxml_decode function in the XML document syntax analysis library ezXML allows an attacker to cause a service failure.

The vulnerability of the ezxml_decode function in the ezXML XML syntax analysis library involves reading data beyond the allowable buffer size. Exploiting this vulnerability allows a malicious actor to cause service interruptions by using a specially created XML file...

CVSS 7.8 | AI score 6.7 | EPSS 0.01169
Exploits: 1 | References: 11 | Affected Software: 7

RedHat Linux
added 2023/07/06 2:47 a.m. | 0 views

golang: encoding/pem: fix stack overflow in Decode

A buffer overflow flaw was found in Golang's library encoding/pem. This flaw allows an attacker to use a large PEM input more than 5 MB, causing a stack overflow in Decode, which leads to a loss of availability...

CVSS 7.5 | AI score 7.3 | EPSS 0.05292
Exploits: 1 | References: 5

Veracode
added 2023/06/26 11:12 a.m. | 18 views

Denial Of Service (DoS)

libjxl.so is vulnerable to Denial of Service DoS. The vulnerability exists due to an integer underflow in the Decode function at decpatchdictionary.cc because the function doesn't properly check that all patches are in bounds resulting in an application crash...

CVSS 7.5 | AI score 6.8 | EPSS 0.00765
Exploits: 0 | References: 4 | Affected Software: 1

SUSE CVE
added 2023/02/15 4:27 a.m. | 3 views

SUSE CVE-2018-11206

An out of bounds read was discovered in H5Ofillnewdecode and H5Ofillolddecode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack...

CVSS 5.1 | AI score 9.1 | EPSS 0.02948
Exploits: 1 | References: 8

SUSE CVE
added 2023/02/15 3:55 a.m. | 1 views

SUSE CVE-2020-18773

An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service DOS via a crafted tif file...

CVSS 6.5 | AI score 6.7 | EPSS 0.01332
Exploits: 1 | References: 3