
6242 matches found

NVD
added 2022/05/03 8:15 p.m., 14 views

CVE-2022-20092

In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061...

CVSS 5.5, EPSS 0.00017
Exploits: 0, References: 1

OSV
added 2022/05/03 8:15 p.m., 3 views

CVE-2022-20092

In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061...

CVSS 5.5, AI score 6.2, EPSS 0.00017
Exploits: 0, References: 1

ATTACKERKB
added 2022/05/03 8:15 p.m., 2 views

CVE-2022-20092

In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061...

CVSS 5.5, AI score 6.1, EPSS 0.00017
Exploits: 0, References: 2

Prion
added 2022/05/03 8:15 p.m., 18 views

Out-of-bounds

In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061...

CVSS 2.1, AI score 5, EPSS 0.00017
Exploits: 0, References: 1, Affected Software: 1

CVE
added 2022/05/03 7:58 p.m., 84 views

CVE-2022-20092

The CVE-2022-20092 issue affects MediaTek devices with the alac decoder. Root cause: missing bounds checks cause an out-of-bounds read, enabling local information disclosure without execution privileges. Exploitation is reported as requiring local access; user interaction is not needed. Patch/mit...

CVSS 5.5, AI score 5, EPSS 0.00017
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2022/05/03 7:58 p.m., 16 views

CVE-2022-20092

In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061...

AI score 5.3, EPSS 0.00017
Exploits: 0, References: 1

Tenable Nessus
added 2022/04/30 12:00 a.m., 36 views

SUSE SLED15 / SLES15 Security Update : jasper (SUSE-SU-2022:1479-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1479-1 advisory. - A flaw was found in jasper before 2.0.25. An out of bounds read issue was found in jp2decode function whic m...

CVSS 7.1, AI score 6.2, EPSS 0.0033
Exploits: 3, References: 13

OpenVAS
added 2022/04/29 12:00 a.m., 16 views

Fedora: Security Advisory for golang-github-francoispqt-gojay (FEDORA-2022-5cbd6de569)

The remote host is missing an update for the...

CVSS 7.5, AI score 10, EPSS 0.00089
Exploits: 0, References: 2

Fedora
added 2022/04/28 5:55 a.m., 42 views

[SECURITY] Fedora 34 Update: golang-github-francoispqt-gojay-1.2.13-6.fc34

GoJay is a performant JSON encoder/decoder for Golang (currently the most performant, see benchmarks). It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

CVSS 7.5, AI score 9.2, EPSS 0.00089
Exploits: 0

Fedora
added 2022/04/28 5:53 a.m., 32 views

[SECURITY] Fedora 35 Update: golang-github-francoispqt-gojay-1.2.13-6.fc35

GoJay is a performant JSON encoder/decoder for Golang (currently the most performant, see benchmarks). It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

CVSS 7.5, AI score 9.2, EPSS 0.00089
Exploits: 0

BDU FSTEC
added 2022/04/27 12:00 a.m., 1 view

The vulnerability of the Alac decoder in microprogramming software for MediaTek's MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797 allows a hacker to disclose protected information.

The vulnerability of the Alac decoder in microprogramming software for MediaTek’s MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833,...

CVSS 5.5, AI score 6.2, EPSS 0.00023
Exploits: 0, References: 6, Affected Software: 1

OSV
added 2022/04/24 8:55 p.m., 9 views

GSD-2022-1001228 cxl/port: Hold port reference until decoder release

cxl/port: Hold port reference until decoder release This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.2 by commit...

AI score 7.2
Exploits: 0

CNVD
added 2022/04/21 12:00 a.m., 11 views

libsixel resource management error vulnerability (CNVD-2022-31766)

libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. A resource management error vulnerability exists in libsixel version 1.8.6, which stems from a heap-based use-after-free in libsixel/src/dither.c:388. An...

CVSS 8.8, AI score 6.5, EPSS 0.00332
Exploits: 1, References: 1

ATTACKERKB
added 2022/04/19 12:00 a.m., 138 views

CVE-2022-38171

Xpdf prior to version 4.04 contains an integer overflow in the JBIG2 decoder JBIG2Stream::readTextRegionSeg in JBIG2Stream.cc. Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by...

CVSS 7.8, AI score 7.2, EPSS 0.71973
In wild, Exploits: 2, References: 10

ATTACKERKB
added 2022/04/18 9:00 p.m., 3 views

CVE-2022-24106

In Xpdf prior to 4.04, the DCT JPEG decoder was incorrectly allowing the 'interleaved' flag to be changed after the first scan of the image, leading to an unknown integer-related vulnerability in Stream.cc...

CVSS 7.8, AI score 5.4, EPSS 0.00099
Exploits: 0, References: 5

Snyk
added 2022/04/17 1:08 p.m., 3 views

Incorrect Bitwise Shift of Integer

Overview: Affected versions of this package are vulnerable to Incorrect Bitwise Shift of Integer in the stbi__jpeg_decode_block_prog_ac function. Remediation: There is no fixed version for stb. References: GitHub Issue, GitHub PR...

CVSS 8.8, AI score 7, EPSS 0.00152
Exploits: 1, References: 2

BDU FSTEC
added 2022/04/13 12:00 a.m., 1 view

The vulnerability of the decoder in the MPEG-4 multimedia platform GPAC function decoding process allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the decoder in the MPEG-4 multimedia platform GPAC function decoding process is related to incorrect checking of the result of an arithmetic operation. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and...

CVSS 9.3, AI score 7.6, EPSS 0.00418
Exploits: 1, References: 7, Affected Software: 3

BDU FSTEC
added 2022/04/13 12:00 a.m., 1 view

The vulnerability of the decoder in the MPEG-4 multimedia platform GPAC’s function decoding process allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the MPEG-4 multimedia platform GPAC decoder’s decoding function is related to incorrect checking of the result of an arithmetic operation. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service failures...

CVSS 9.3, AI score 7.6, EPSS 0.00509
Exploits: 1, References: 7, Affected Software: 3

BDU FSTEC
added 2022/04/13 12:00 a.m., 1 view

The vulnerability of the stz2 decoder, a function for decoding MPEG-4 multimedia platforms, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the stz2 decoder, which is part of the MPEG-4 multimedia platform GPAC decoding functionality, stems from incorrect checking of the result of an arithmetic operation. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its...

CVSS 9.3, AI score 7.6, EPSS 0.00245
Exploits: 1, References: 7, Affected Software: 3

BDU FSTEC
added 2022/04/13 12:00 a.m., 2 views

The vulnerability of the RTP decoder, a component for decoding MPEG-4 multimedia platforms like GPAC, allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the RTP decoder used for decoding MPEG-4 multimedia platform GPAC is related to the lack of verification for the result of the addition arithmetic operation. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity,...

CVSS 9.3, AI score 7.6, EPSS 0.00519
Exploits: 1, References: 7, Affected Software: 3