
2842 matches found

Positive Technologies
added 2023/05/13 12:0 a.m. · 2 views

PT-2023-35825 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: The issue is related to a crash caused by a negative-size-param, which occurs in the H5MM memcpy function, called by H5O link decode and H5O msg iterate real. Recommendations: At the moment,...

6.8 AI score
Exploits: 0 · References: 2
OSV
added 2023/05/10 6:15 a.m. · 0 views

UBUNTU-CVE-2023-2617

A vulnerability classified as problematic was found in OpenCV wechatqrcode Module up to 4.7.0. Affected by this vulnerability is the function DecodedBitStreamParser::decodeByteSegment of the file qrcode/decoder/decodedbitstreamparser.cpp. The manipulation leads to null pointer dereference. The...

7.5 CVSS · 5.3 AI score · 0.00055 EPSS
Exploits: 0 · References: 3
OSV
added 2023/05/10 6:15 a.m. · 0 views

UBUNTU-CVE-2023-2618

A vulnerability, which was classified as problematic, has been found in OpenCV wechatqrcode Module up to 4.7.0. Affected by this issue is the function DecodedBitStreamParser::decodeHanziSegment of the file qrcode/decoder/decodedbitstreamparser.cpp. The manipulation leads to memory leak. The attac...

7.5 CVSS · 5.2 AI score · 0.00078 EPSS
Exploits: 0 · References: 3
OSV
added 2023/05/10 5:15 a.m. · 1 views

DEBIAN-CVE-2023-32570

VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit...

5.9 CVSS · 5.9 AI score · 0.00083 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2023/05/10 12:0 a.m. · 1 views

PT-2023-9157 · Ofono +4 · Ofono +4

Name of the Vulnerable Software and Affected Versions: ofono affected versions not specified Description: A flaw was found in ofono, an Open Source Telephony on Linux, where a stack overflow bug is triggered within the decode deliver report function during SMS decoding. This issue is related to t...

8.1 CVSS · 6.8 AI score · 0.00138 EPSS
Exploits: 2 · References: 27
Positive Technologies
added 2023/05/10 12:0 a.m. · 1 views

PT-2023-7997 · Ofono +4 · Ofono +4

Name of the Vulnerable Software and Affected Versions: oFono affected versions not specified Description: A flaw in oFono, an Open Source Telephony on Linux, is related to a stack overflow bug triggered within the decode submit report function during SMS decoding in PDU format. This issue may all...

8.1 CVSS · 7.7 AI score · 0.00169 EPSS
Exploits: 2 · References: 39
CNNVD
added 2023/05/10 12:0 a.m. · 2 views

OpenCV code issue vulnerability

OpenCV is an open source, cross-platform, lightweight computer vision library. A code issue vulnerability exists in the OpenCV wechatqrcode module, which stems from the function DecodedBitStreamParser::decodeByteSegment in the file qrcode/decoder/decodedbitstreamparser.cpp that could lead to null...

7.5 CVSS · 6.2 AI score · 0.00055 EPSS
Exploits: 0 · References: 5
Positive Technologies
added 2023/05/10 12:0 a.m. · 2 views

PT-2023-23880 · Videolan +3 · Dav1D +3

Name of the Vulnerable Software and Affected Versions: VideoLAN dav1d versions prior to 1.2.0 Description: The issue is related to a thread task.c race condition that can lead to an application crash. This condition is associated with the dav1d decode frame exit function. Recommendations: For...

5.9 CVSS · 6.7 AI score · 0.00083 EPSS
Exploits: 0 · References: 30
RedHat Linux
added 2023/05/09 10:3 a.m. · 0 views

golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service

An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...

7.5 CVSS · 6.6 AI score · 0.00113 EPSS
Exploits: 1 · References: 6
RedHat Linux
added 2023/05/09 10:3 a.m. · 0 views

golang: encoding/gob: stack exhaustion in Decoder.Decode

A flaw was found in golang. When calling Decoder.Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion, which allows an attacker to impact system availability...

7.5 CVSS · 6.6 AI score · 0.00155 EPSS
Exploits: 0 · References: 6
RedHat Linux
added 2023/05/09 9:51 a.m. · 0 views

golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service

An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...

7.5 CVSS · 6.6 AI score · 0.00113 EPSS
Exploits: 1 · References: 6
Positive Technologies
added 2023/05/04 12:0 a.m. · 3 views

PT-2023-22509 · Nanomq · Nanomq

Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.15.0-0 Description: A segment fault with Null Pointer Dereference occurs in the process of decoding subinfo decode and unsubinfo decode. This issue is related to the decoding process, which can lead to a crash. Recommendation...

7.5 CVSS · 6.9 AI score · 0.00412 EPSS
Exploits: 1 · References: 5
NVD
added 2023/05/02 6:15 a.m. · 17 views

CVE-2022-34144

Transient DOS due to reachable assertion in Modem during OSI decode scheduling...

7.5 CVSS · 7.5 AI score · 0.00201 EPSS
Exploits: 0 · References: 1
Prion
added 2023/05/02 6:15 a.m. · 17 views

Authentication flaw

Transient DOS due to reachable assertion in Modem during OSI decode scheduling...

5 CVSS · 7.5 AI score · 0.00201 EPSS
Exploits: 0 · References: 1
CVE
added 2023/05/02 5:8 a.m. · 71 views

CVE-2022-34144

CVE-2022-34144 is a Transient Denial of Service arising from a reachable assertion in the Modem during OSI decode scheduling. Documented across NVD/Red Hat/PRION/vuln enrichment entries, the issue targets a Modem component (Qualcomm-based ecosystems) and is rated High (CVSS 3.1: 7.5) with network...

7.5 CVSS · 7.5 AI score · 0.00201 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
Cvelist
added 2023/05/02 5:8 a.m. · 20 views

CVE-2022-34144 Reachable assertion in Modem

Transient DOS due to reachable assertion in Modem during OSI decode scheduling...

7.5 CVSS · 7.7 AI score · 0.00201 EPSS
Exploits: 0 · References: 1
Vulnrichment
added 2023/05/02 5:8 a.m. · 18 views

CVE-2022-34144 Reachable assertion in Modem

Transient DOS due to reachable assertion in Modem during OSI decode scheduling...

7.5 CVSS · 6.9 AI score · 0.00201 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2023/05/02 12:0 a.m. · 3 views

PT-2023-13342 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to a Transient DOS due to a reachable assertion in the Modem during OSI decode scheduling. Recommendations: At the moment, there is no information about a newer version...

7.5 CVSS · 6.8 AI score · 0.00201 EPSS
Exploits: 0 · References: 2
IBM Security Bulletins
added 2023/04/28 11:44 a.m. · 40 views

Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service due to [CVE-2022-38900]

Summary Node.js module decode-uri-component is part of the Node.js runtime used by IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container operands may be vulnerable to denial of service. This bulletin provides patch information to address the reported...

7.5 CVSS · 6.8 AI score · 0.00429 EPSS
Exploits: 1 · Affected Software: 1
Fedora
added 2023/04/22 1:12 a.m. · 45 views

[SECURITY] Fedora 36 Update: ffmpeg-5.0.3-1.fc36

FFmpeg is a leading multimedia framework, able to decode, encode, transcode, mux, demux, stream, filter and play pretty much anything that humans and machines have created. It supports the most obscure ancient formats up to the cutting edge. No matter if they were designed by some standards...

8.1 CVSS · 7.8 AI score · 0.0032 EPSS
Exploits: 1