
748 matches found

Tenable Nessus
added 2023/03/20 12:0 a.m. · 46 views

CBL Mariner 2.0 Security Update: golang (CVE-2021-41771)

The version of golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-41771 advisory. - ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a...

CVSS 7.5 · AI score 6.9 · EPSS 0.04372
Exploits 0 · References 2
OSV
added 2023/03/15 3:15 p.m. · 2 views

ALPINE-CVE-2023-27102

Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decodercontext::processslicesegmentheader at decctx.cc...

CVSS 6.5 · AI score 7.6 · EPSS 0.0067
Exploits 1 · References 1
OSV
added 2023/03/15 3:15 p.m. · 1 view

DEBIAN-CVE-2023-27102

Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decodercontext::processslicesegmentheader at decctx.cc...

CVSS 6.5 · AI score 5.8 · EPSS 0.0067
Exploits 1 · References 1
Prion
added 2023/03/15 3:15 p.m. · 29 views

Design/Logic Flaw

Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decodercontext::processslicesegmentheader at decctx.cc...

CVSS 4.3 · AI score 6.7 · EPSS 0.0067
Exploits 1 · References 2 · Affected Software 1
CNNVD
added 2023/03/15 12:0 a.m. · 3 views

Libde265 code issue vulnerability

Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.0.11, which stems from a segmentation violation discovered via the decodercontext::processslicesegmentheader function in decctx.cc...

CVSS 6.5 · AI score 5.9 · EPSS 0.0067
Exploits 1 · References 2
OSV
added 2023/03/13 7:39 p.m. · 76 views

GO-2023-1623 Out-of-memory panic in github.com/crossplane/crossplane-runtime

An out of memory panic vulnerability exists in the crossplane-runtime libraries. Applications that use the Paved type's SetValue method with user-provided input that is not properly validated might use excessive amounts of memory and cause an out of memory panic. In the fieldpath package, the...

CVSS 7.5 · AI score 6.4 · EPSS 0.00798
Exploits 0 · References 2
OSV
added 2023/03/03 3:15 p.m. · 1 view

DEBIAN-CVE-2022-47665

Libde265 1.0.9 has a heap buffer overflow vulnerability in de265image::setSliceAddrRSint, int, int...

CVSS 7.8 · AI score 7.6 · EPSS 0.00325
Exploits 1 · References 1
SUSE CVE
added 2023/02/15 5:24 a.m. · 4 views

SUSE CVE-2014-9604

libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restoremedian and (2)...

CVSS 7.5 · AI score 7.5 · EPSS 0.02395
Exploits 0 · References 2
SUSE CVE
added 2023/02/15 5:23 a.m. · 4 views

SUSE CVE-2014-10077

Hashslice in lib/i18n/coreext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :somekey is present in keepkeys but not present in the hash...

CVSS 7.5 · AI score 6.8 · EPSS 0.0339
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 5:11 a.m. · 2 views

SUSE CVE-2015-8661

The h264sliceheaderinit function in libavcodec/h264slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other...

CVSS 8.3 · AI score 7.6 · EPSS 0.01913
Exploits 0 · References 4
SUSE CVE
added 2023/02/15 4:46 a.m. · 3 views

SUSE CVE-2017-7859

FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ffh264slicecontextinit function in libavcodec/h264dec.c...

CVSS 9.8 · AI score 7.6 · EPSS 0.01934
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 4:30 a.m. · 3 views

SUSE CVE-2018-6392

The filterslice function in libavfilter/vftranspose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file...

CVSS 6.5 · AI score 7.1 · EPSS 0.01661
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 4:14 a.m. · 3 views

SUSE CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...

CVSS 7.5 · AI score 8.6 · EPSS 0.29514
Exploits 9 · References 13
SUSE CVE
added 2023/02/15 4:5 a.m. · 4 views

SUSE CVE-2019-19922

kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfsquotaus is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. In other words, althoug...

CVSS 4.7 · AI score 7.5 · EPSS 0.00949
Exploits 1 · References 3
SUSE CVE
added 2023/02/15 3:58 a.m. · 3 views

SUSE CVE-2020-12657

An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfqidleslicetimerbody...

CVSS 7 · AI score 6.7 · EPSS 0.00711
Exploits 0 · References 16
SUSE CVE
added 2023/02/15 3:51 a.m. · 5 views

SUSE CVE-2020-28852

In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. x/text/language is supposed to be able to parse an HTTP Accept-Language header...

CVSS 5.3 · AI score 8.2 · EPSS 0.01674
Exploits 1 · References 3
SUSE CVE
added 2023/02/15 3:44 a.m. · 2 views

SUSE CVE-2021-25737

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...

CVSS 2.7 · AI score 7.9 · EPSS 0.01332
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 3:29 a.m. · 4 views

SUSE CVE-2022-21736

Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...

CVSS 6.5 · AI score 6.4 · EPSS 0.00746
Exploits 1 · References 3
Positive Technologies
added 2023/02/14 12:0 a.m. · 4 views

PT-2023-36098 · Safemem +1

Name of the Vulnerable Software and Affected Versions: safemem affected versions not specified Description: The safemem repository has been archived by its author, with the latest crates.io release dating back to 2019. For migration purposes, several functions can be replaced with their equivalen...

AI score 6.9
Exploits 0 · References 4
CNNVD
added 2023/02/09 12:0 a.m. · 4 views

go-unixfs resource management error vulnerability

go-unixfs is an implementation of a unix-like filesystem utility on top of ipld merkledag. A resource management error vulnerability exists in go-unixfs versions prior to 0.4.3, which stems from an attempt to read an incorrectly formatted HAMT slice directory that could lead to panic and virtual...

CVSS 7.5 · AI score 7.3 · EPSS 0.00675
Exploits 0 · References 4