748 matches found
CBL Mariner 2.0 Security Update: golang (CVE-2021-41771)
The version of golang installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-41771 advisory. - ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a...
ALPINE-CVE-2023-27102
Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decodercontext::processslicesegmentheader at decctx.cc...
DEBIAN-CVE-2023-27102
Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decodercontext::processslicesegmentheader at decctx.cc...
Design/Logic Flaw
Libde265 v1.0.11 was discovered to contain a segmentation violation via the function decodercontext::processslicesegmentheader at decctx.cc...
Libde265 代码问题漏洞
Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.0.11, which stems from a segmentation violation discovered via the decodercontext::processslicesegmentheader function in decctx.cc...
GO-2023-1623 Out-of-memory panic in github.com/crossplane/crossplane-runtime
An out of memory panic vulnerability exists in the crossplane-runtime libraries. Applications that use the Paved type's SetValue method with user-provided input that is not properly validated might use excessive amounts of memory and cause an out of memory panic. In the fieldpath package, the...
DEBIAN-CVE-2022-47665
Libde265 1.0.9 has a heap buffer overflow vulnerability in de265image::setSliceAddrRSint, int, int...
SUSE CVE-2014-9604
libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Ut Video data, related to the 1 restoremedian and 2...
SUSE CVE-2014-10077
Hashslice in lib/i18n/coreext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service application crash via a call in a situation where :somekey is present in keepkeys but not present in the hash...
SUSE CVE-2015-8661
The h264sliceheaderinit function in libavcodec/h264slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other...
SUSE CVE-2017-7859
FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ffh264slicecontextinit function in libavcodec/h264dec.c...
SUSE CVE-2018-6392
The filterslice function in libavfilter/vftranspose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service out-of-array access via a crafted MP4 file...
SUSE CVE-2019-9810
Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1...
SUSE CVE-2019-19922
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfsquotaus is used e.g., with Kubernetes, allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. In other words, althoug...
SUSE CVE-2020-12657
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfqidleslicetimerbody...
SUSE CVE-2020-28852
In x/text in Go before v0.3.5, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. x/text/language is supposed to be able to parse an HTTP Accept-Language header...
SUSE CVE-2021-25737
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...
SUSE CVE-2022-21736
Tensorflow is an Open Source Machine Learning Framework. The implementation of SparseTensorSliceDataset has an undefined behavior: under certain condition it can be made to dereference a nullptr value. The 3 input arguments to SparseTensorSliceDataset represent a sparse tensor. However, there are...
PT-2023-36098 · Safemem +1 · Safemem +1
Name of the Vulnerable Software and Affected Versions: safemem affected versions not specified Description: The safemem repository has been archived by its author, with the latest crates.io release dating back to 2019. For migration purposes, several functions can be replaced with their equivalen...
go-unixfs 资源管理错误漏洞
go-unixfs is an implementation of a unix-like filesystem utility on top of ipld merkledag. A resource management error vulnerability exists in go-unixfs versions prior to 0.4.3, which stems from an attempt to read an incorrectly formatted HAMT slice directory that could lead to panic and virtual...