Design/Logic Flaw

Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decodercontext::processslicesegmentheader at decctx.cc...

Libde265 代码问题漏洞

Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.0.11, which stems from a segmentation violation discovered via the decodercontext::processslicesegmentheader function in decctx.cc...

GO-2023-1623 Out-of-memory panic in github.com/crossplane/crossplane-runtime

An out of memory panic vulnerability exists in the crossplane-runtime libraries. Applications that use the Paved type's SetValue method with user-provided input that is not properly validated might use excessive amounts of memory and cause an out of memory panic. In the fieldpath package, the...

DEBIAN-CVE-2022-47665

Libde265 1.0.9 has a heap buffer overflow vulnerability in de265image::setSliceAddrRSint, int, int...

SUSE CVE-2014-9604

libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Ut Video data, related to the 1 restoremedian and 2...

SUSE CVE-2014-10077

Hashslice in lib/i18n/coreext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service application crash via a call in a situation where :somekey is present in keepkeys but not present in the hash...

SUSE CVE-2015-8661

The h264sliceheaderinit function in libavcodec/h264slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other...

SUSE CVE-2017-7859

FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ffh264slicecontextinit function in libavcodec/h264dec.c...

SUSE CVE-2018-6392

The filterslice function in libavfilter/vftranspose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service out-of-array access via a crafted MP4 file...

SUSE CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

SUSE CVE-2019-19922

kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfsquotaus is used e.g., with Kubernetes, allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. In other words, althoug...

SUSE CVE-2020-12657

An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfqidleslicetimerbody...

SUSE CVE-2020-28852

In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. x/text/language is supposed to be able to parse an HTTP Accept-Language header...

SUSE CVE-2021-25737

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...

SUSE CVE-2022-21736

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

PT-2023-36098 · Safemem +1 · Safemem +1

Name of the Vulnerable Software and Affected Versions: safemem affected versions not specified Description: The safemem repository has been archived by its author, with the latest crates.io release dating back to 2019. For migration purposes, several functions can be replaced with their equivalen...

go-unixfs 资源管理错误漏洞

go-unixfs is an implementation of a unix-like filesystem utility on top of ipld merkledag. A resource management error vulnerability exists in go-unixfs versions prior to 0.4.3, which stems from an attempt to read an incorrectly formatted HAMT slice directory that could lead to panic and virtual...

CVE-2021-37373

Cross Site Scripting XSS vulnerability in Teradek Slice 1st generation firmware 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware...

CVE-2021-37373

Cross Site Scripting XSS vulnerability in Teradek Slice 1st generation firmware 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware...

Cross site scripting

UNSUPPORTED WHEN ASSIGNED Cross Site Scripting XSS vulnerability in Teradek Slice 1st generation firmware 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not...