4783 matches found
CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
UBUNTU-CVE-2024-45192
An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
PT-2024-31475 · Unknown +1 · Matrix Libolm +1
Name of the Vulnerable Software and Affected Versions: Matrix libolm versions through 3.2.16 Description: An issue was discovered in Matrix libolm, where cache-timing attacks can occur due to the use of base64 when decoding group session keys. This vulnerability only affects products that are no...
CVE-2024-45192
CVE-2024-45192 affects Matrix libolm up to version 3.2.16. The issue is a cache-timing vulnerability caused by decoding group session keys with base64 in the libolm implementation of Olm, potentially exposing timing-related information. NOTE: the vulnerability targets products that are no longer ...
CVE-2024-42313
A use-after-free vulnerability was found in the Linux kernel. The firmware can add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly closing the decoder device from userspace during normal decoding can incur a read after free. This issue could allo...
OPENSUSE-SU-2024:0252-1 Security update for opera
This update for opera fixes the following issues: - Update to 112.0.5197.53 CHR-9814 Update Chromium on desktop-stable-126-5197 to 126.0.6478.226 DNA-116974 Site settings popup size not expanding causing display issues DNA-117115 Tab islands are extending partially after Workspace change DNA-1177...
AZL-48012 CVE-2024-42313 affecting package kernel for versions less than 6.6.47.1-1
In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...
AZL-47949 CVE-2024-42313 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...
CVE-2024-42313 media: venus: fix use after free in vdec_close
In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close. The firmware will add buffer release work to the work queue through HFI callbacks as a normal part of decoding. Randomly...
CVE-2024-7790
A stored cross-site scripting vulnerability exists in DevikaAI from commit 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input...
Devika security vulnerability
Devika is an advanced AI software engineer open-sourced by stition. It can understand advanced human instructions, break them down into steps, study the relevant information, and write code to achieve a given goal. Devika suffers from a security vulnerability that stems from the presence of a...
gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization
A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...
CVE-2024-23353
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI...
CVE-2024-23353
CVE-2024-23353 affects Qualcomm components (Multi Mode Call Processor) and describes a transient denial-of-service during decoding an attach reject message received by UE when IEI is set to ESM_IEI. CVSSv3.1 base score 7.5 (High) with network attack vector, no user interaction, and impact limited...
PT-2024-19832 · Qualcomm · 205 Mobile Platform Firmware +225
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves a transient Denial of Service (DOS) that occurs while decoding an attach reject message received by a UE (User Equipment), specifically...
Visible Encoding Maps
pheonixappapi is vulnerable to Visible Encoding Maps. The vulnerability is due to the map of encoding/decoding languages being visible in code...
CVE-2024-41951
Pheonix App is a Python application designed to streamline various tasks, from managing files to playing mini-games. The issue is that the map of encoding/decoding languages is visible in code. The problem was patched in 0.2.4...
CVE-2024-41951
The CVE-2024-41951 issue affects Pheonix App (PheonixAppAPI) where the map of encoding/decoding languages is visible in the source, described as a moderate impact vulnerability. Root cause: encoding/decoding language mappings exposed in code. Affected versions were prior to 0.2.4, with a patch re...