GHSA-R7FM-3PQM-WW5W Chall-Manager's scenario decoding process does not check for zip bombs

Impact When decoding a scenario i.e. a zip archive, the size of the decoded content is not checked, potentially leading to zip bombs decompression. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly...

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data Data Amplification in the scenario decoding process. An attacker can cause excessive resource consumption by submitting a specially crafted zip archive that decompresses to a very large size...

Chall-Manager's scenario decoding process does not check for zip bombs

Impact When decoding a scenario i.e. a zip archive, the size of the decoded content is not checked, potentially leading to zip bombs decompression. Exploitation does not require authentication nor authorization, so anyone can exploit it. It should nonetheless not be exploitable as it is highly...

CVE-2025-27044 Out-of-bounds Write in Video

Memory corruption while executing timestamp video decode command with large input values...

CVE-2025-21008

Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption...

CVE-2025-21009

Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption...

Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A buffer error vulnerability exists in Qualcomm Chipsets, which arises from a memory corruption when executing timestamped video decoding commands with large input values...

Payload和form 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from an information disclosure when decoding RTP packet payloads...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which originates from an out-of-bounds read when decoding a frame header, which may result ...

PT-2025-33038 · Git · Libavc

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=428771938 Crash type: Heap-use-after-free READ 16 Crash state: ih264 inter pred luma horz ssse3 ih264d motion compensate mp isvcd decode recon tfr nmb non base lyr...

50M_CTF_Writeup

It is an offensive tool for CTF Capture The Flag challenges. The repository contains a writeup for a $50 million CTF challenge, which includes a binary image that needs to be decoded to reveal a hidden message. The binary image is encoded with a repeating sequence of binary digits, which can be...

OSV-2025-512 Invalid-free in pdf_decodestream

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=428754704 Crash type: Invalid-free Crash state: pdfdecodestream pdfextractobj clipdf...

FreeBSD Security Advisory - FreeBSD-SA-25:06.xz

FreeBSD Security Advisory - A worker thread could free its input buffer after decoding, while the main thread might still be writing to it. This leads to an use-after-free condition on heap memory...

infinispan: Credential Leakage in Infinispan CLI

A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found...

Heap-based Buffer Overflow

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Heap-based Buffer Overflow. The nativeImage.createFromPath or nativeImage.createFromBuffer APIs in Electron...

[SECURITY] Fedora 42 Update: perl-Crypt-OpenSSL-RSA-0.35-1.fc42

Crypt::OpenSSL::RSA - RSA encoding and decoding, using the openSSL libraries...

AppleAVD AV1_Syntax::f Out-Of-Bounds Read

There is an issue in AppleAVD kernel extension with decoding AV1 video files that could potentially be used to read out-of bound data or potentially cause a kernel crash when rendering a malformed video file. The issue was observed on macOS Sonoma 14.5...

USN-7588-1 gss-ntlmssp vulnerabilities

Phil Turnbull discovered that GSS NTLMSSP may perform out-of-bounds reads when decoding NTLM fields and target information. An attacker could possibly use this issue to cause GSS NTLMSSP to crash, resulting in a denial of service. CVE-2023-25563, CVE-2023-25567 Phil Turnbull discovered that GSS...

FreeBSD : cisco -- OpenH264 Decoding Functions Heap Overflow Vulnerability (03ba1cdd-4faf-11f0-af06-00a098b42aeb)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 03ba1cdd-4faf-11f0-af06-00a098b42aeb advisory. Cisco reports: A vulnerability in the decoding functions of OpenH264 codec library could allow a remote...

Medium: python3.11

Issue Overview: There is an issue in CPython when using bytes.decode"unicodeescape", error="ignore|replace". If you are not using the "unicodeescape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the...