‼ CVE-2022-3815 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, has been found in Axiomatic Bento4. This issue affects some unknown processing of the component mp4decrypt. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212681 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3653 ‼
📖 Read
via "National Vulnerability Database".
Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)📖 Read
via "National Vulnerability Database".
👍2
🛠 OpenSSL Toolkit 3.0.7 🛠
📖 Read
via "Packet Storm Security".
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.📖 Read
via "Packet Storm Security".
Packetstormsecurity
OpenSSL Toolkit 3.0.7 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
🛠 OpenSSL Toolkit 1.1.1s 🛠
📖 Read
via "Packet Storm Security".
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.📖 Read
via "Packet Storm Security".
Packetstormsecurity
OpenSSL Toolkit 1.1.1s ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
‼ CVE-2021-45447 ‼
📖 Read
via "National Vulnerability Database".
Hitachi Vantara Pentaho Business Analytics Server versions before 9.3.0.0, 9.2.0.2 and 8.3.0.25 with the Data Lineage feature enabled transmits database passwords in clear text. The transmission of sensitive data in clear text allows unauthorized actors with access to the network to sniff and obtain sensitive information that can be later used to gain unauthorized access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43253 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_unweighted_pred_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43248 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43241 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43995 ‼
📖 Read
via "National Vulnerability Database".
Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer. The impact could vary depending on the compiler and processor architecture.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43237 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43240 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_qpel_h_2_v_1_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43252 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43245 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal<unsigned short> in sao.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43249 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39381 ‼
📖 Read
via "National Vulnerability Database".
Muhammara is a node module with c/cpp bindings to modify PDF with js for node or electron (based/replacement on/of galkhana/hummusjs). The package muhammara before 2.6.0; all versions of package hummus are vulnerable to Denial of Service (DoS) when supplied with a maliciously crafted PDF file to be appended to another. This issue has been patched in 2.6.0 for muhammara and not at all for hummus. As a workaround, do not process files from untrusted sources.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43244 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43236 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43235 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45446 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and 8.3.0.25 does not cascade the hidden property to the children of the Home folder. This directory listing provides an attacker with the complete index of all the resources located inside the directory.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43255 ‼
📖 Read
via "National Vulnerability Database".
GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain a memory leak via the component gf_odf_new_iod at odf/odf_code.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43250 ‼
📖 Read
via "National Vulnerability Database".
Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.📖 Read
via "National Vulnerability Database".