CVE-2021-38199 affecting package kernel for versions less than 5.10.78.1-1
CVE-2021-38199 affecting package kernel for versions less than 5.10.78.1-1. A patched version of the package is available...
CVE-2019-3016 affecting package kernel for versions less than 5.10.78.1-1
CVE-2019-3016 affecting package kernel for versions less than 5.10.78.1-1. A patched version of the package is available...
CVE-2021-32760 affecting package moby-containerd for versions less than 1.4.4+azure-4
CVE-2021-32760 affecting package moby-containerd for versions less than 1.4.4+azure-4. A patched version of the package is available...
CVE-2008-0888 affecting package unzip for versions less than 6.0-19
CVE-2008-0888 affecting package unzip for versions less than 6.0-19. A patched version of the package is available...
CVE-2016-9844 affecting package unzip for versions less than 6.0-19
CVE-2016-9844 affecting package unzip for versions less than 6.0-19. A patched version of the package is available...
CVE-2019-12749 affecting package dbus for versions less than 1.13.6-9
CVE-2019-12749 affecting package dbus for versions less than 1.13.6-9. A patched version of the package is available...
CVE-2021-20231 affecting package gnutls for versions less than 3.6.14-5
CVE-2021-20231 affecting package gnutls for versions less than 3.6.14-5. A patched version of the package is available...
CVE-2021-3739 affecting package kernel 5.10.189.1-1
CVE-2021-3739 affecting package kernel 5.10.189.1-1. A patched version of the package is available...
CVE-2021-3930 affecting package qemu-kvm 4.2.0-48
CVE-2021-3930 affecting package qemu-kvm 4.2.0-48. A patched version of the package is available...
CVE-2022-0561 affecting package libtiff 4.1.0-3
CVE-2022-0561 affecting package libtiff 4.1.0-3. A patched version of the package is available...
DEBIAN-CVE-2022-24786
PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A patch is available in the...
Design/Logic Flaw
PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A patch is available in the...
UBUNTU-CVE-2022-24786
PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A patch is available in the...
AZL-35233 CVE-2022-24795 affecting package rubygem-yajl-ruby for versions less than 1.4.3-1
yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at yajl_buf.c#L64 may result in the need 32bit...
CVE-2022-24795
The CVE-2022-24795 issue affects yajl (and its ruby binding yajl-ruby). A 32-bit size_t-based integer overflow in the reallocation logic (yajl_buf.c) can cause under-allocation when handling very large inputs (~2 GB), leading to heap memory corruption and potential process availability impact. On...
CVE-2022-24795 Buffer Overflow and Integer Overflow in yajl-ruby
yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at yajl_buf.c#L64 may result in the need 32bit...
CVE-2022-24795
yajl-ruby is a C binding to the YAJL JSON parsing and generation library. The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large (~2GB) inputs. The reallocation logic at yajl_buf.c#L64 may result in the need 32bit...
CVE-2022-24813 Authentication Bypass Using an Alternate Path or Channel in CreateWiki
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. Without the patch for this issue, anonymous comments can be made using Special:RequestWikiQueue when sent directly via POST. A patch for this issue is available in the master branch of CreateWiki's GitHub repository...
CVE-2022-24787 Incorrect Comparison in Vyper
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. In version 0.3.1 and prior, bytestrings can have dirty bytes in them, resulting in the word-for-word comparisons giving incorrect results. Even without dirty nonzero bytes, two bytestrings can compare to equal if one en...
Trend Micro Apex Central and Trend Micro Apex Central as a Service vulnerable to improper check for file contents
Overview: Trend Micro Apex Central and Trend Micro Apex Central as a Service provided by Trend Micro Incorporated are vulnerable to improper check for file contents (CWE-345, CVE-2022-26871). Trend Micro Incorporated states that attacks have been observed. Trend Micro Incorporated reported this...