1833 matches found
CVE-2022-28048
CVE-2022-28048 affects the STB library (STB v2.27) in the component stbi__jpeg_decode_block_prog_ac, causing an integer shift of invalid size. The connected records (Astra Linux entry and Gentoo GLSA) corroborate the affected library and version. Gentoo GLSA 2024-09-15 links to the same issue and...
CVE-2022-28048
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...
stb security vulnerability
stb is a single-file public domain library for C/C++. A security vulnerability exists in stb version v2.27, which stems from the inclusion of an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac...
GSD-2022-1000905 ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.233 by commit...
GSD-2022-1000880 ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.183 by commit...
GSD-2022-1000839 ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.104 by commit...
GSD-2022-1000781 ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min
ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.27 by commit...
The vulnerability in the implementation of the mode_sense_page() function of the QEMU hardware emulation software allows an intruder to trigger a service failure.
The vulnerability of the mode_sense_page() function implementation in the QEMU hardware emulation software is related to a single-shift error when using the “page” parameter. Exploiting this vulnerability can allow an attacker to cause a system failure...
What is Shift-Left Testing and What are the Benefits?
Back in the infancy of software creation, certainly up until the mid-90s when we still used more traditional software development practices, most testing was conducted at the end of the production cycle; on a graph, this would be to the right on the development timeline. Shift-left takes this...
Mageia: Security Advisory (MGASA-2022-0031)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:0178-1)
The remote host is missing an update for the...
OESA-2022-1490 expat security update
An XML parser library. Security Fixes: In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). (CVE-2021-45960) lookup in xmlparse.c in Expat (aka libexpat)...
DEBIAN-CVE-2021-45764
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra...
UBUNTU-CVE-2021-45764
GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra...
GPAC buffer error vulnerability
GPAC is an open source multimedia framework. GPAC has a security vulnerability that stems from the discovery, via the function shift_chunk_offsets.isra, that GPAC v1.1.0 contains an invalid memory address dereference. No detailed vulnerability details are currently available...
PT-2022-12394 · Gpac · Gpac
Name of the Vulnerable Software and Affected Versions: GPAC version 1.1.0. Description: An issue was discovered in GPAC, where an invalid memory address dereference occurs via the function shift_chunk_offsets.isra. Recommendations: For GPAC version 1.1.0, at the moment, there is no information abo...
In Expat (aka libexpat) before 2.4.3 a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g. allocating too few bytes or only freeing memory).
...
DEBIAN-CVE-2021-46044
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent)...
DEBIAN-CVE-2021-46040
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Service (context-dependent)...
CVE-2021-46039
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent)...