An out-of-bounds (OOB) memory write flaw was found in the NFSD in the Linux kernel. Missing sanity may lead to a write beyond bmval[bmlen-1] in nfsd4_decode_bitmap4 in fs/nfsd/nfs4xdr.c. In this flaw a local attacker with user privilege may gain access to out-of-bounds memory leading to a system integrity and confidentiality threat.

...

rtl_433 安全漏洞

The rtl433 is a general purpose data receiver from the personal developer Benjamin Larsson. A program for decoding radio transmissions from devices in the Ism band and other frequencies. A security vulnerability exists in rtl433 version 21.12, which originates from an Off-by-one error when decodi...

CVE-2022-0150

The WP Accessibility Helper WAH WordPress plugin before 0.6.0.7 does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue...

CLSA-2022-1645466754 Fix of CVE: CVE-2021-43527

CVE-2021-43527: nss: Memory corruption in decodeECorDsaSignature with DSA signatures and RSA-PSS - Pin validation date for PayPalEE test cert...

Debian DSA-5082-1 : php7.4 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5082 advisory. Two security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure or denial of...

PT-2022-6793 · FFmpeg +5 · Ffmpeg +5

Name of the Vulnerable Software and Affected Versions: FFmpeg versions prior to 3.0 Description: An issue was discovered in the FFmpeg package, where the vp3 decode frame function in libavcodec/vp3.c lacks a check of the return value of av malloc, which will cause a null pointer dereference. This...

PT-2022-7205 · Libstb +3 · Libstb +3

Name of the Vulnerable Software and Affected Versions: Libstb versions prior to the version with the fixed stb image.h component stb image.h version 2.27 Description: The issue is related to a heap-based use-after-free in the stb image.h component of the Libstb library for C/C++. This can be...

PT-2022-7204 · Unknown +2 · Stb Image.H +2

Name of the Vulnerable Software and Affected Versions: stb image.h version 2.27 Description: The issue is related to an integer overflow in the stbi jpeg decode block prog dc function, which can be exploited by attackers to cause a Denial of Service DoS via unspecified vectors. This can allow a...

GHSA-24X4-6QMH-88QG Use after free in `DecodePng` kernel

Impact A malicious user can cause a use after free behavior when decoding PNG images: cc if / ... error conditions ... / png::CommonFreeDecode&decode; OPREQUIREScontext, false, errors::InvalidArgument"PNG size too large for int: ", decode.width, " by ", decode.height; After...

GHSA-9P77-MMRW-69C7 Null-dereference in Tensorflow

Impact When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a DCHECK: cc const auto attr = attrs.Findarg-s; DCHECKattr != nullptr; if attr-valuecase == AttrValue::kLis...

PT-2022-6565 · Ffjpeg · Ffjpeg

Name of the Vulnerable Software and Affected Versions: ffjpeg versions prior to 01.01.2021 Description: The issue is related to a heap-based buffer overflow in the jfif decode function at ffjpeg/src/jfif.c, which could cause a Denial of Service by using a crafted jpeg file. This can be exploited ...

PYSEC-2022-134

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a DCHECK. However, DCHECK is a no-op in production builds...

PYSEC-2022-135

Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a CHECK assertion is invalidated based on user controlled arguments, if the tensors have an invalid dtype and 0 elements or an invalid shape. This allows...

PYSEC-2022-94

Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., , the decode value contains allocated buffers which can only be freed by calling png::CommonFreeDecode. However,...

PYSEC-2022-149

Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., , the decode value contains allocated buffers which can only be freed by calling png::CommonFreeDecode. However,...

CVE-2022-23585

Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., &decode, the decode value contains allocated buffers which can only be freed by calling...

PT-2022-16087 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0 TensorFlow versions 2.7.0 through 2.7.1 TensorFlow versions 2.6.0 through 2.6.3 Description: When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable argumen...

MoonBounce: New malware deployed by APT41 in UEFI firmware

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. MoonBounce is a new type of malware that hides in the most complex part of an Operating System OS, the Basic Input Output System BIOS chip, and thus persists even after reinstalling your OS or formatting your hard drive...

Unhandled exception when decoding form response JSON

Impact When handling form responses from the client ModalFormResponsePacket, the Minecraft Windows client may send weird JSON that jsondecode can't understand. A workaround for this is implemented in InGamePacketHandler::stupidjsondecode. An InvalidArgumentException is thrown by this function whe...

PT-2022-7549 · Hdf5 +2 · Hdf5 +2

Name of the Vulnerable Software and Affected Versions: HDF5 version 1.13.1-1 Description: The issue is related to an untrusted pointer dereference vulnerability in the function H5O dtype decode helper at hdf5/src/H5Odtype.c in the HDF5 library. This vulnerability can lead to a Denial of Service D...