6112 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-20199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a...
Linux Distros Unpatched Vulnerability : CVE-2016-9812
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a...
Linux Distros Unpatched Vulnerability : CVE-2018-19503
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain in...
Linux Distros Unpatched Vulnerability : CVE-2018-20359
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8...
Remote Code Execution (RCE)
Overview: picklescan is a security scanner detecting Python Pickle files performing suspicious actions. Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to using the torch.utils.data.datapipes.utils.decoder.basichandlers function. An attacker can execute arbitrary code ...
Picklescan missing detection when calling pytorch function torch.utils.data.datapipes.utils.decoder.basichandlers
Summary: Using the torch.utils.data.datapipes.utils.decoder.basichandlers function, which is a PyTorch library function, to execute a remote pickle file. Details: The attack payload executes in the following steps: First, the attacker crafts the payload by calling to...
ROS-20250822-11
A vulnerability in the HPACK decoder of the Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability could allow an attacker acting locally to cause a denial of service...
Linux Distros Unpatched Vulnerability : CVE-2022-24823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an open-source, asynchronous event-driven network application framework. The package io.netty:netty-codec-http prior to version 4.1.77.Final contains a...
Linux Distros Unpatched Vulnerability : CVE-2022-39244
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and...
Linux Distros Unpatched Vulnerability : CVE-2021-37137
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Snappy frame decoder function doesn't restrict the chunk length, which may lead to excessive memory usage. Besides this, it may also buffer reserved skippable...
Linux Distros Unpatched Vulnerability : CVE-2021-37136
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data which affects the allocation size used during...
Linux Distros Unpatched Vulnerability : CVE-2025-2310
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. Th...
Linux Distros Unpatched Vulnerability : CVE-2022-24106
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Xpdf prior to 4.04, the DCT (JPEG) decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unkno...
CVE-2025-38543
In the Linux kernel, the following vulnerability has been resolved: drm/tegra: nvdec: Fix dma_alloc_coherent error check. Check for NULL return value with dma_alloc_coherent, in line with Robin's fix for vic.c in 'drm/tegra: vic: Fix DMA API misuse'...
OESA-2025-2029 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg...
OESA-2025-2028 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg...
Linux Distros Unpatched Vulnerability : CVE-2022-49895
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix decoder allocation crash When an intermediate port's decoders have been...
Malicious code in node-pelcod-decoder (npm)
The package node-pelcod-decoder was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2022-50182
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with...
GO-2025-3845 Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder in github.com/gofiber/fiber
Fiber Crashes in BodyParser Due to Unvalidated Large Slice Index in Decoder in github.com/gofiber/fiber...