Lucene search
K

19 matches found

CVE
CVE
added 2026/06/17 4:20 p.m.52 views

CVE-2026-9675

The CVE-2026-9675 issue affects the undici WebSocket client (new WebSocket(...)) where per-frame maxPayloadSize is enforced but the cumulative size of fragmented, uncompressed messages is not. A attacker-controlled WebSocket endpoint can stream many small fragments that pass per-frame validation ...

7.5CVSS5.3AI score0.00426EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/17 4:20 p.m.5 views

CVE-2026-9675

Impact: The undici WebSocket client enforces maxPayloadSize per-frame but does not enforce the cumulative size of fragmented uncompressed messages. A malicious WebSocket server can stream many small fragments that each pass per-frame validation but collectively exceed the configured limit, causin...

7.5CVSS5.3AI score0.00426EPSS
Exploits0
NVD
NVD
added 2026/05/28 10:16 a.m.14 views

CVE-2026-46210

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix use-after-free of fmtsrc during MBPF check During concurrency testing, multiple instances can run in parallel, and each instance uses its own inst-lock while the core-lock protects the list of active instances. T...

7.8CVSS0.00129EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 9:40 a.m.21 views

CVE-2026-46210

The CVE-2026-46210 issue affects the Linux kernel Iris media driver. A race between per-instance locks (inst->lock) and the core list lock (core->lock) allows a use-after-free during MBPF checks: MBPF iterates the core list and reads fields like fmt_src->width/height while iris_close() m...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:40 a.m.36 views

CVE-2026-46210 media: iris: fix use-after-free of fmt_src during MBPF check

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix use-after-free of fmtsrc during MBPF check During concurrency testing, multiple instances can run in parallel, and each instance uses its own inst-lock while the core-lock protects the list of active instances. T...

7.8CVSS0.00129EPSS
Exploits0References2
Fedora
Fedora
added 2026/04/10 1:11 a.m.5 views

[SECURITY] Fedora 42 Update: libcgif-0.5.3-1.fc42

A fast and lightweight GIF encoder that can create GIF animations and images. Summary of the main features: - user-defined global or local color-palette with up to 256 colors limit of the GIF format - size-optimizations for GIF animations: - option to set a pixel to transparent if it has identica...

5.3CVSS5.8AI score0.00492EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-2772

Malware in sbrugna...

10CVSS9.3AI score0.02794EPSS
Exploits0References9
OSV
OSV
added 2025/09/12 6:15 a.m.4 views

DEBIAN-CVE-2025-10148

curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traffic between the two...

5.3CVSS7AI score0.00466EPSS
Exploits0References1
OSV
OSV
added 2025/09/12 6:15 a.m.5 views

ALPINE-CVE-2025-10148

curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire connection. A predictable mask pattern allows for a malicious server to induce traffic between the two...

5.3CVSS7.1AI score0.00466EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/02 12:0 a.m.6 views

VIDSTAMP: a Temporally-Aware Watermark for Ownership and Integrity in Video Diffusion Models

The rapid rise of video diffusion models has enabled the generation of highly realistic and temporally coherent videos, raising critical concerns about content authenticity, provenance, and misuse. Existing watermarking approaches, whether passive, post-hoc, or adapted from image-based techniques...

7.2AI score
Exploits0
OSV
OSV
added 2023/08/09 3:30 p.m.3 views

GHSA-496J-2RQ6-J6CC Excessive Iteration in gRPC

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

7.5CVSS7.2AI score0.00412EPSS
Exploits0References5
OSV
OSV
added 2023/08/09 1:15 p.m.1 views

DEBIAN-CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

7.5CVSS7.8AI score0.00412EPSS
Exploits0References1
OSV
OSV
added 2023/08/09 1:15 p.m.3 views

UBUNTU-CVE-2023-33953

gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption ...

7.5CVSS7.2AI score0.00412EPSS
Exploits0References3
OSV
OSV
added 2021/05/11 8:15 p.m.2 views

DEBIAN-CVE-2020-24587

The 802.11 standard that underpins Wi-Fi Protected Access WPA, WPA2, and WPA3 and Wired Equivalent Privacy WEP doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and...

2.6CVSS6.8AI score0.02592EPSS
Exploits2References1
NVD
NVD
added 2012/09/10 10:55 p.m.16 views

CVE-2012-2792

Unspecified vulnerability in the decodeinit function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame...

10CVSS6.4AI score0.02794EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2012/09/10 10:55 p.m.26 views

CVE-2012-2792

Unspecified vulnerability in the decodeinit function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame...

10CVSS7.2AI score0.02794EPSS
Exploits0References5
Prion
Prion
added 2012/09/10 10:55 p.m.20 views

Design/Logic Flaw

Unspecified vulnerability in the decodeinit function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame...

10CVSS6.7AI score0.02794EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2012/09/10 10:0 p.m.53 views

CVE-2012-2792

CVE-2012-2792 concerns FFmpeg, specifically an unspecified vulnerability in the decode_init function within libavcodec/wmalosslessdec.c, affecting FFmpeg versions before 0.11. The provided connected documents do not reveal concrete details about the root cause beyond “related to the samples per f...

10CVSS9.3AI score0.02794EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2012/09/10 10:0 p.m.18 views

CVE-2012-2792

Unspecified vulnerability in the decodeinit function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame...

10CVSS9.5AI score0.02794EPSS
Exploits0
Rows per page
Query Builder