PT-2025-5665 · Git +1 · Opencv
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash has been reported with an UNKNOWN READ crash type. The crash state involves several functions, including cv::PngDecoder::compose_frame,...
CVE-2018-9383
In asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...
BIT-PYTHON-MIN-2022-45061
An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder, such that a crafted, unreasonably long name being presented to the decoder could lead to a CPU denial of service. Hostnames are often...
PT-2025-1336 · Google · Android
Name of the Vulnerable Software and Affected Versions: No specific software or version is mentioned. Description: A possible out-of-bounds read in the asn1_ber_decoder function in asn1_decoder.c could lead to local information disclosure with System execution privileges required. No user...
CVE-2024-56515
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled (they are disabled by default), a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in...
Security update for gstreamer-plugins-base
This update for gstreamer-plugins-base fixes the following issues: CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet (bsc#1234415). CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser (bsc#1234450). CVE-2024-47600: Fixed an out-of-bounds read in...
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, a...
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer (boo#1234421). CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c (boo#1234414). CVE-2024-47539: Fixed an out-of-bounds write in converttos3341a...
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer (boo#1234421). CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c (boo#1234414). CVE-2024-47543: Fixed an out-of-bounds write in...
OESA-2025-1017 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: In FFmpeg version n6.1....
SUSE SLES15 Security Update : gstreamer-plugins-base (SUSE-SU-2025:0054-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0054-1 advisory. - CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet (bsc#1234415). - CVE-2024-47835: Fixed a...
Security update for gstreamer-plugins-good
This update for gstreamer-plugins-good fixes the following issues: CVE-2024-47606: Fixed integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes (boo#1234449). CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c (boo#1234414). CVE-2024-47539: Fixe...
PT-2025-5655 · Opencv · Opencv
Name of the Vulnerable Software and Affected Versions: OpenCV, affected versions not specified. Description: The issue is related to a heap buffer overflow read in the PngDecoder of OpenCV. The crash occurs in the cv::PngDecoder::readHeader function, which is called by cv::imdecode and cv::imdecode...
The vulnerability of the sec_pkcs7_decoder_start_decrypt() function in Mozilla Firefox and Thunderbird email client allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the sec_pkcs7_decoder_start_decrypt function in Mozilla Firefox and Thunderbird’s email client is related to the reallocation of memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected...
OSV-2024-1417 Heap-buffer-overflow in cv::PngDecoder::read_from_io
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386688710 Crash type: Heap-buffer-overflow READ 4. Crash state: cv::PngDecoder::read_from_io, cv::PngDecoder::read_chunk, cv::PngDecoder::readHeader...
PT-2026-21540
Name of the Vulnerable Software and Affected Versions: strukturag libde265 versions prior to commit d9fea9d. Description: A segmentation fault exists in strukturag libde265 due to an issue within the decoder_context::compute_framedrop_table component. This can lead to a program crash. Recommendation...
PT-2025-31051
Name of the Vulnerable Software and Affected Versions: ffmpeg, affected versions not specified. Description: A null pointer dereference issue exists in the FFmpeg ALS decoder, specifically within the libavcodec/alsdec.c file. This can lead to crashes or unexpected behavior when processing audio...
PT-2025-54268
Name of the Vulnerable Software and Affected Versions: cbor2 versions 3.0.0 through 5.7.0. Description: cbor2 is a library for encoding and decoding the Concise Binary Object Representation (CBOR) serialization format. A flaw exists where, when a CBORDecoder instance is reused across multiple decode...