41 matches found
CVE-2024-24825 TokenManager not checking permissions on cached tokens in DIRAC
DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known...
CVE-2024-24825 TokenManager not checking permissions on cached tokens in DIRAC
DIRAC is a distributed resource framework. In affected versions any user could get a token that has been requested by another user/agent. This may expose resources to unintended parties. This issue has been addressed in release version 8.0.37. Users are advised to upgrade. There are no known...
CVE-2024-24825
DIRAC’s TokenManager vulnerability (CVE-2024-24825) affects DIRAC before version 8.0.37, allowing any user to obtain a token requested by another user/agent and potentially expose resources. The issue is fixed in 8.0.37; upg rade to that release. Other sources (GitHub advisory GHSA-59qj-jcjv-662j...
comdirac (>=0.22.0 <=1.3.3), ctadirac (>=2.0.0 <=2.2.35) +3 more potentially affected by CVE-2024-24825 via dirac (>=7.2.30 <=8.0.30)
dirac PYPI version =7.2.30, =0.22.0, =2.0.0, =33.0.0a1, =10.2.5, =10.4.23 - lhcbwebdirac =5.3.0a2 Source cves: CVE-2024-24825 Source advisory: OSV:GHSA-59QJ-JCJV-662J...
ctadirac (>=2.2.0a1 <=2.2.35) potentially affected by CVE-2024-24825 via dirac (>=8.0.0 <=8.0.30)
dirac PYPI version =8.0.0, =2.2.0a1, =2.2.35 Source cves: CVE-2024-24825 Source advisory: OSV:GHSA-59QJ-JCJV-662J...
GHSA-59QJ-JCJV-662J DIRAC's TokenManager does not check permissions on cached tokens
Impact Any user could get a token that has been requested by another user/agent Patches The vulnerability is fixed in version 8.0.37. Workarounds None References...
DIRAC's TokenManager does not check permissions on cached tokens
Impact Any user could get a token that has been requested by another user/agent Patches The vulnerability is fixed in version 8.0.37. Workarounds None References...
The vulnerability of the Dirac and Schrodinger codecs in the VideoLAN VLC media player software allows a hacker to execute arbitrary code or cause a service failure.
The vulnerability of the Dirac and Schrodinger codecs in the VideoLAN VLC media player software lies in the fact that the operation results are stored outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause system failures...
Libav Denial of Service Vulnerability (CNVD-2018-07427)
Libav is an open source audio and video processing tools , providing for conversion , manipulation and streaming of various multimedia formats and protocols cross-platform tools and libraries . A denial of service vulnerability exists in the unpackparseunit function in libavcodec/diracparser.c in...
UBUNTU-CVE-2017-18243
The unpackparseunit function in libavcodec/diracparser.c in Libav 12.2 allows remote attackers to cause a denial of service segmentation fault via a crafted file...
CVE-2017-18243
The unpackparseunit function in libavcodec/diracparser.c in Libav 12.2 allows remote attackers to cause a denial of service segmentation fault via a crafted file...
CVE-2017-18243
The unpackparseunit function in libavcodec/diracparser.c in Libav 12.2 allows remote attackers to cause a denial of service segmentation fault via a crafted file...
CVE-2017-18243
CVE-2017-18243 affects Libav 12.2 and is caused by the unpack_parse_unit function in libavcodec/dirac_parser.c. A crafted file can trigger a denial-of-service (segmentation fault). The vulnerability is documented across multiple sources (e.g., NVD, Red Hat, CNVD) with no public exploit details pr...
openSUSE Security Update : ffmpeg (openSUSE-2015-821)
The ffmpeg package was updated to version 2.8.2 to fix the following security and non security issues : - CVE-2015-8216: Fixed the ljpegdecodeyuvscan function in libavcodec/mjpegdec.c which could cause a denial of service out-of-bounds array access bnc955346. - CVE-2015-8217: Fixed the...
Debian DSA-3150-1 : vlc - security update
Fabian Yamaguchi discovered multiple vulnerabilities in VLC, a multimedia player and streamer : - CVE-2014-9626 The MP4 demuxer, when parsing string boxes, did not properly check the length of the box, leading to a possible integer underflow when using this length value in a call to memcpy. This...
DSA-3150-1 vlc - security update
Bulletin has no description...
CVE-2011-3949
The diracunpackidwtparams function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data...
Code injection
The diracunpackidwtparams function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data...
CVE-2011-3949
The diracunpackidwtparams function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data...
CVE-2011-3949
The diracunpackidwtparams function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data...