
3256 matches found

CVE
added 2022/09/15 9:20 p.m., 59 views

CVE-2022-29240

The CVE-2022-29240 issue is an uninitialized memory read during LZ4 decompression of a CQL frame in Scylla. If a user supplies a forged uncompressed length, part of the decompression buffer can remain uninitialized, enabling exploitation based on privileges. Reported impacts include an authentica...

8.1 CVSS, 8.1 AI score, 0.00982 EPSS
Exploits 0, References 3, Affected Software 1
Huntr
added 2022/09/13 3:53 p.m., 11 views

DoS attack in the HTTP decompression

Description: Tulip is able to decompress compressed HTTP payloads. It does not check for decompression bombs. Using brotli, an attacker can send an HTTP packet to a team vulnbox containing a brotli payload of 8.3KB. When decompressing this payload, it expands to 10GiB on the machine running the...

Exploits 0
CNNVD
added 2022/09/05 12:0 a.m., 3 views

WithSecure Endpoint Protection security vulnerability

WithSecure Endpoint Protection is a cloud-native, AI-powered endpoint protection from Finland's WithSecure. It can be deployed instantly from a browser and easily managed from a single console. A security vulnerability exists in WithSecure Endpoint Protection, which stems from the fact that...

7.5 CVSS, 7.3 AI score, 0.00399 EPSS
Exploits 0, References 4
Tenable Nessus
added 2022/08/25 12:0 a.m., 73 views

Oracle Linux 9 : curl (ELSA-2022-6157)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-6157 advisory.
- fix unpreserved file permissions CVE-2022-32207
- fix HTTP compression denial of service CVE-2022-32206
Tenable has extracted the preceding descripti...

9.8 CVSS, 7.3 AI score, 0.3197 EPSS
Exploits 3, References 4
RedHat Linux
added 2022/08/24 5:38 p.m., 5 views

curl: HTTP compression denial of service

A vulnerability was found in curl. This issue occurs because the number of acceptable "links" in the "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. This flaw leads to a denial of service, either by mistake or by a...

6.5 CVSS, 6.7 AI score, 0.3197 EPSS
Exploits 1, References 5
RedHat Linux
added 2022/08/24 3:12 p.m., 4 views

curl: HTTP compression denial of service

A vulnerability was found in curl. This issue occurs because the number of acceptable "links" in the "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps. This flaw leads to a denial of service, either by mistake or by a...

6.5 CVSS, 6.7 AI score, 0.3197 EPSS
Exploits 1, References 5
OpenVAS
added 2022/08/18 12:0 a.m., 17 views

Huawei EulerOS: Security Advisory for gstreamer1-plugins-good (EulerOS-SA-2022-2269)

The remote host is missing an update for the Huawei EulerOS...

7.8 CVSS, 7.8 AI score, 0.00465 EPSS
Exploits 7, References 2
Tenable Nessus
added 2022/08/18 12:0 a.m., 44 views

SUSE SLES15 Security Update : curl (SUSE-SU-2022:2829-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2829-1 advisory. - CVE-2022-27781: Fixed an issue where curl will get stuck in an infinite loop when trying to retrieve details about a TLS server's...

7.5 CVSS, 6.7 AI score, 0.3197 EPSS
Exploits 4, References 13
Tenable Nessus
added 2022/08/17 12:0 a.m., 28 views

EulerOS 2.0 SP5 : gstreamer1-plugins-good (EulerOS-SA-2022-2269)

According to the versions of the gstreamer1-plugins-good package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing...

7.8 CVSS, 8.2 AI score, 0.00465 EPSS
Exploits 7, References 8
Talos
added 2022/08/16 12:0 a.m., 33 views

HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2022-1485: HDF5 Group libhdf5 gif2h5 out-of-bounds write vulnerability. August 16, 2022. CVE Number: CVE-2022-25972. Summary: An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to...

7.8 CVSS, 8.2 AI score, 0.00589 EPSS
Exploits 1
Tenable Nessus
added 2022/08/10 12:0 a.m., 46 views

Debian DSA-5204-1 : gst-plugins-good1.0 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5204 advisory. Adam Doupe discovered multiple vulnerabilities in the GStreamer plugins to demux Matroska and AVI files which could result in denial of service or the execution ...

7.8 CVSS, 7.9 AI score, 0.00465 EPSS
Exploits 7, References 17
Tenable Nessus
added 2022/08/09 12:0 a.m., 29 views

Debian dla-3069 : gstreamer1.0-gtk3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3069 advisory. Debian LTS Advisory DLA-3069-1...

7.8 CVSS, 8 AI score, 0.00465 EPSS
Exploits 7, References 16
Cvelist
added 2022/07/29 6:52 p.m., 21 views

CVE-2022-23002 Point Compression/Decompression of NIST P-256 points with X coordinate of zero

When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output will cause an error when used in other operations. This may be leveraged by an...

5.3 CVSS, 5.6 AI score, 0.00594 EPSS
Exploits 0, References 1
CVE
added 2022/07/29 6:51 p.m., 62 views

CVE-2022-23001

The CVE-2022-23001 entry concerns the Western Digital Sweet B library, which implements public-key elliptic-curve cryptography (NIST P-256 and SECG secp256k1). The vulnerability stems from selecting the wrong sign bit during compression or decompression of elliptic-curve points. An attacker with ...

5.3 CVSS, 5.3 AI score, 0.00594 EPSS
Exploits 0, References 1, Affected Software 1
Fedora
added 2022/07/21 5:11 p.m., 18 views

[SECURITY] Fedora 35 Update: suricata-6.0.6-1.fc35

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

0.2 AI score
Exploits 0
Fedora
added 2022/07/21 4:40 p.m., 21 views

[SECURITY] Fedora 36 Update: suricata-6.0.6-1.fc36

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

0.2 AI score
Exploits 0
ATTACKERKB
added 2022/07/19 8:15 p.m., 4 views

CVE-2022-2122

DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a...

7.8 CVSS, 5.9 AI score, 0.00437 EPSS
Exploits 1, References 4
NVD
added 2022/07/19 8:15 p.m., 16 views

CVE-2022-2122

DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a...

7.8 CVSS, 0.00437 EPSS
Exploits 1, References 3
NVD
added 2022/07/19 8:15 p.m., 15 views

CVE-2022-1924

DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it...

7.8 CVSS, 0.00409 EPSS
Exploits 1, References 3
OSV
added 2022/07/19 8:15 p.m., 2 views

DEBIAN-CVE-2022-2122

DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a...

7.8 CVSS, 7.5 AI score, 0.00437 EPSS
Exploits 1, References 1