Pheonix App 安全漏洞

Pheonix App is a powerful Python application from the individual developers at AkshuDev. Pheonix App has a security vulnerability that stems from the mapping of encoding and decoding languages being visible in the code...

nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service

A flaw was found in Node.js that allows a denial of service attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fetch function in Node.js that always decodes Brotli, making it possible for an attacker to caus...

CLSA-2024-1721206783 freerdp: Fix of 12 CVEs

CVE-2023-39352: add bound check in gdiSolidFill - CVE-2023-39353: check indices are within range - CVE-2023-39356: fix checks for multi opaque rect - CVE-2023-40181: fix cBitsRemaining calculation - CVE-2023-40186: fix integer multiplications - CVE-2023-40188: fix input length validation -...

nodejs: using the fetch() function to retrieve content from an untrusted URL leads to denial of service

A flaw was found in Node.js that allows a denial of service attack through resource exhaustion when using the fetch function to retrieve content from an untrusted URL. The vulnerability stems from the fetch function in Node.js that always decodes Brotli, making it possible for an attacker to caus...

PT-2024-40809 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap buffer overflow issue was identified, potentially causing a crash. The crash occurs in the ih264d format convert function, which is called by isvc...

CVE-2024-39312 Botan has an Authorization Error due to Name Constraint Decoding Bug

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...

CVE-2024-39312 Botan has an Authorization Error due to Name Constraint Decoding Bug

Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. A bug in the parsing of name constraint extensions in X.509 certificates meant that if the extension included both permitted subtree...

OESA-2024-1807 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adtsdecodeextradata in...

OESA-2024-1808 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adtsdecodeextradata in...

OESA-2024-1806 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: adtsdecodeextradata in...

AZL-44949 CVE-2024-37298 affecting package podman for versions less than 5.6.1-2

gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...

AZL-43103 CVE-2024-37298 affecting package libcontainers-common for versions less than 20240213-2

gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of...

A vulnerability in Node.js has been identified allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed into fetch() can exploit this vulnerability to exhaust memory potentially leading to process termination depending on the system configuration.

...

(Pwn2Own) Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Autel MaxiCharger AC Elite Business C50 chargers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

PT-2024-20188 · Alpine · Alpine Halo9

Name of the Vulnerable Software and Affected Versions: Alpine Halo9 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious...

DEBIAN-CVE-2024-6162

A vulnerability was found in Undertow, where URL-encoded request paths can be mishandled during concurrent requests on the AJP listener. This issue arises because the same buffer is used to decode the paths for multiple requests simultaneously, leading to incorrect path information being processe...

PT-2024-27463 · Unknown +1 · Oqs-Provider +1

Name of the Vulnerable Software and Affected Versions: oqs-provider versions prior to 0.6.1 Description: The issue arises from the way oqs-provider handles lengths decoded with DECODE UINT32 at the start of serialized hybrid keys and signatures. Unchecked length values are later used for memory...

CVE-2024-38285

CVE-2024-38285 affects Motorola Solutions Vigilant Fixed LPR Coms Box (BCAV1F2-C600) and related firmware versions up to 3.1.171.9. The vulnerability is insufficient protection of logs that store credentials, which can be decoded with open source tools, exposing sensitive credentials. Impact metr...

GHSA-5357-C2JX-V7QH Authlib has algorithm confusion with asymmetric public keys

lepture Authlib before 1.3.1 has algorithm confusion with asymmetric public keys. Unless an algorithm is specified in a jwt.decode call, HMAC verification is allowed with any asymmetric public key. This is similar to CVE-2022-29217 and CVE-2024-33663...

[SECURITY] Fedora 39 Update: glycin-loaders-0.1.2-2.fc39

Sandboxed and extendable image decoding...