CVE-2022-38900
CVE-2022-38900 is tied to the decode-uri-component package v0.2.0, with an Improper Input Validation defect that can cause a DoS. The connected IBM/Advisory documents in the provided set do not disclose affected products, specific exploit vectors, or a remediation version. No additional technical...
decode-uri-component input validation error vulnerability
decode-uri-component is a URI component decoder by the individual developer Sam Verschueren. A security vulnerability exists in decode-uri-component version 0.2.0, which stems from insufficient validation of user input...
PT-2022-36791 · Git +1 · Libredwg
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow read issue is identified, potentially causing a crash. The crash involves the functions bit_calc_CRC, decode_preR13, and dwg decod...
PT-2025-38331
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified. Description: The Linux kernel contains an issue where the core thread may call v4l2_m2m_buf_done to set the destination buffer to done for late architecture. If the late architecture calls v4l2 m2m b...
golang: encoding/gob: stack exhaustion in Decoder.Decode
A flaw was found in golang. When calling Decoder.Decode on a message that contains deeply nested structures, a panic can occur due to stack exhaustion and allows an attacker to impact system availability...
golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...
kernel: NFSD: Fix exposure in nfsd4_decode_bitmap()
REJECTED CVE. In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix exposure in nfsd4_decode_bitmap(). The Linux kernel CVE team has assigned CVE-2021-47213 to this issue...
PT-2024-11228 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified. Description: A vulnerability has been resolved in the Linux kernel related to the NFSD, specifically in the nfsd4_decode_bitmap function. The issue was reported by [email protected]. Recommendation...
Amazon Linux 2 : go-rpm-macros (ALAS-2022-1863)
The version of go-rpm-macros installed on the remote host is prior to 3.0.15-23. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1863 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this...
UBUNTU-CVE-2022-43043
GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BDCheckSFTimeOffset at /bifs/fielddecode.c...
CVE-2022-43043
GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BDCheckSFTimeOffset at /bifs/fielddecode.c...
GPAC security vulnerability
GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version 2.1-DEV-rev368-gfd054169b-master, which stems from a function BDCheckSFTimeOffset in /bifs/fielddecode.c that contains a segmentation violation...
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple Go vulnerabilities
Summary: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to multiple Go vulnerabilities, with details below. Vulnerability Details: CVEID: CVE-2022-30631. DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by an uncontrolled recursion flaw in...
PT-2022-17186 · Unknown · Sflow Decode Package
Name of the Vulnerable Software and Affected Versions: sflow decode package versions prior to 3.4.4 Description: The issue is related to insufficient packet sanitization in the sflow decode package, which can lead to a denial of service attack. Attackers can craft malformed packets, causing the...
CVE-2022-40141
A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communication strings that may contain some identification attributes of a particular Apex One server...
PT-2022-33396 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19 through v5.19.3. Description: The issue is related to the cxl_hdm_decode_init function calling convention. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versio...
CLSA-2022-1663184017 Fixed CVEs in curl: CVE-2022-32208, CVE-2022-32206
CVE-2022-32208: krb5: fix returning error on decode errors - CVE-2022-32206: contentencoding: return error on too many compression steps - fix a curl.spec's comment about applying TuxCare ELS patches - improve the test system by repeating failed tests several times...
CLSA-2022-1663183179 Fixed CVEs in curl: CVE-2022-32208, CVE-2022-32206
CVE-2022-32208: krb5: fix returning error on decode errors - CVE-2022-32206: contentencoding: return error on too many compression steps - fix a curl.spec's comment about applying TuxCare ELS patches - improve the test system by repeating failed tests several times...