Security
Headlines
HeadlinesLatestCVEs

Tag

#linux

CVE-2022-46490: Memory leak in afrt_box_read function of box_code_adobe.c:706:35 · Issue #2327 · gpac/gpac

GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.

CVE
Open in Source
#linux#js#git#c++#auth#ssl
CVE-2022-47094: Null pointer dereference filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid · Issue #2345 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Null pointer dereference via filters/dmx_m2ts.c:343 in m2tsdmx_declare_pid

CVE-2022-47095: Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c · Issue #2346 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c

CVE-2022-47091: Buffer overflow in gf_text_process_sub function of filters/load_text.c · Issue #2343 · gpac/gpac

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c

CVE-2022-46489: Memory leak in gf_isom_box_parse_ex function of box_funcs.c:166:13 · Issue #2328 · gpac/gpac

GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gf_isom_box_parse_ex function at box_funcs.c.

Google patches 60 vulnerabilities in first Android update of 2023

Categories: Android Categories: News Tags: 2023-01-01 Tags: 2023-01-05 Tags: Google Tags: Android Tags: CVE-2022-42719 Tags: CVE-2022-42720 Tags: CVE-2022-42721 Tags: mac80211 Tags: CVE-2022-41674 Tags: Qualcomm Tags: CVE-2022-22088 Google has published its first security bulletin of 2023 with details of vulnerabilities affecting Android devices. It includes fixes for 60 security issues. (Read more...) The post Google patches 60 vulnerabilities in first Android update of 2023 appeared first on Malwarebytes Labs.

CVE-2022-43540

A vulnerability exists in the ClearPass OnGuard macOS agent that allows for an attacker with local macOS instance access to potentially obtain sensitive information. A successful exploit could allow an attacker to retrieve information that is of a sensitive nature in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x: 6.10.7 and below and ClearPass Policy Manager 6.9.x: 6.9.12 and below.

CVE-2022-22371: Security Bulletin: Dashboard of IBM Sterling B2B Integrator is vulnerable to session mismanagment (CVE-2022-22371)

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 221195.

CVE-2022-48217: Potential vulnerability: topic names from ROS parameters · Issue #1 · tradr-project/tf_remapper_cpp

** DISPUTED ** The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled old_tf_topic_name and/or new_tf_topic_name parameter. NOTE: the vendor's position is "it is the responsibility of the programmer to make sure that only known and required parameters are set and unexpected parameters are not."

CVE-2022-22337: Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnerable to information disclosure (CVE-2022-22337)

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could disclose sensitive information to an authenticated user. IBM X-Force ID: 219507.