41 matches found
EUVD-2012-2829
Malware in sbrugna...
EUVD-2017-9027
Malware in sbrugna...
EUVD-2022-41801
Malicious code in bioql PyPI...
EUVD-2024-2407
Malicious code in bioql PyPI...
EUVD-2022-25352
Malicious code in bioql PyPI...
CVE-2024-45234
An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP an ROA or a Manifest containing a signedAttrs encoded in non-canonical form. This bypasses Fort's BER decoder, reaching a point in the code that panics...
CVE-2018-21233
TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...
PT-2025-18320 · Base-X · Base-X
Name of the Vulnerable Software and Affected Versions: base-x versions prior to 3.0.11; base-x version 4.0.0; base-x version 5.0.0. Description: The issue allows attackers to potentially deceive users into sending funds to an unintended address. This is achieved through a problem in the base-x encod...
Out-of-bounds Write
ImageSharp is vulnerable to an Out-of-Bounds Write. The vulnerability is due to improper memory handling due to an issue in the GIF decoder, allowing attackers to craft a malicious GIF that causes a crash, potentially leading to a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2022-41723
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of...
Linux Distros Unpatched Vulnerability : CVE-2023-38633
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files on the local filesystem...
FreeBSD : gstreamer1-plugins-jpeg -- NULL-pointer dereferences in JPEG decoder (7945c543-b3e8-11ef-b680-4ccc6adda413)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7945c543-b3e8-11ef-b680-4ccc6adda413 advisory. The GStreamer Security Center reports: Insufficient error handling in the JPEG decoder that can lead to...
CVE-2024-11403
There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame on untrusted input) does not properly check bounds in the presence o...
PT-2024-18580 · Mediatek · Mediatek
Name of the Vulnerable Software and Affected Versions: MediaTek products (affected versions not specified). Description: The issue is related to a possible out of bounds read in vdec due to a missing bounds check, which could lead to local information disclosure with System execution privileges...
PT-2024-9202 · Libjxl +5 · Libjxl +5
Name of the Vulnerable Software and Affected Versions: LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99; libjpeg (affected versions not specified); libmozjs-115-0-115.15.0-4.1; libmozjs-128-0-128.5.1-3.1; libjxl-devel-0.11.1-1.1; qt6-webengine. Description: An out-of-bounds...
CVE-2022-45061
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA RFC 3490 decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...
Vulnerability in the ALAC decoder in microprogramming software for MediaTek's MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 allows an attacker to disclose protected information.
The vulnerability of the Alac decoder in microprogramming software for MediaTek’s MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833,...
CVE-2015-0295
The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the color components, which allows remote attackers to cause a denial of service (divide-by-zero and crash) via a crafted BMP file...
CVE-2009-4631
Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption...
Mandriva Update for qt4 MDKSA-2007:075 (qt4)
Check for the Version of qt4 OpenVAS Vulnerability Test Mandriva Update for qt4 MDKSA-2007:075 qt4 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...