gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization

A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...

encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...

tpm2-tss: Buffer Overlow in TSS2_RC_Decode

A flaw was found in tpm2-tss, which is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In affected versions, Tss2RCSetHandler and Tss2RCDecode index into the layerhandler with an 8-bit layer number, but the array only ha...

opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case a different issue than CVE-2020-6851.

...

Uncontrolled Resource Consumption ('Resource Exhaustion')

Overview Affected versions of this package are vulnerable to Uncontrolled Resource Consumption 'Resource Exhaustion' through the Gif decoder. An attacker can cause the application to consume excessive memory resources by processing specially crafted image files. Workaround This vulnerability can ...

SUSE CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

CLSA-2024-1721206783 freerdp: Fix of 12 CVEs

CVE-2023-39352: add bound check in gdiSolidFill - CVE-2023-39353: check indices are within range - CVE-2023-39356: fix checks for multi opaque rect - CVE-2023-40181: fix cBitsRemaining calculation - CVE-2023-40186: fix integer multiplications - CVE-2023-40188: fix input length validation -...

UBUNTU-CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

AZL-44217 CVE-2023-39329 affecting package openjpeg2 2.3.1-12

A flaw was found in OpenJPEG. A resource exhaustion can occur in the opjt1decodecblks function in tcd.c through a crafted image file, causing a denial of service...

UBUNTU-CVE-2023-39329

A flaw was found in OpenJPEG. A resource exhaustion can occur in the opjt1decodecblks function in tcd.c through a crafted image file, causing a denial of service...

OSV-2024-637 Heap-buffer-overflow in ih264d_format_convert

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69682 Crash type: Heap-buffer-overflow WRITE Crash state: ih264dformatconvert isvcdvideodecode isvcdapifunction...

PT-2024-40810 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap buffer overflow issue is reported, which can cause a crash. The crash occurs in the ih264d format convert and ih264d decode picture thread...

Denial Of Service (DoS)

audify is vulnerable to Denial Of Service DoS. The vulnerability is due to frameSize not being checked for negative values when provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions, which can lead to a process crash...

GHSA-7VHM-FMPH-7WXW audify vulnerable to Improper Validation of Array Index

All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions it is not checked for negative values. This can lead to a process crash...

CVE-2024-21522

All versions of the package audify are vulnerable to Improper Validation of Array Index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions it is not checked for negative values. This can lead to a process crash...

PT-2024-18936 · Audify · Audify

Name of the Vulnerable Software and Affected Versions: audify versions all Description: The issue arises from improper validation of array index when frameSize is provided to the new OpusDecoder.decode or new OpusDecoder.decodeFloat functions, as it is not checked for negative values. This can le...

tpm2-tss: Buffer Overlow in TSS2_RC_Decode

A flaw was found in tpm2-tss, which is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In affected versions, Tss2RCSetHandler and Tss2RCDecode index into the layerhandler with an 8-bit layer number, but the array only ha...

OESA-2024-1804 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adtsdecodeextradata in...

OpenJPEG Resource Management Error Vulnerability

OpenJPEG is an open source C-based JPEG2000 codec. A resource management error vulnerability exists in OpenJPEG, which stems from a resource exhaustion condition in the opjt1decodecblks function in tcd.c. The vulnerability is caused by a resource exhaustion condition...

SUSE CVE-2024-37298

gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...