Category Archives: Advisories

CVE-2014-125007

Read Time:15 Second

A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.

Read More

CVE-2014-125008

Read Time:15 Second

A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

Read More

CVE-2014-125009

Read Time:15 Second

A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.

Read More

CVE-2014-125010

Read Time:16 Second

A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.

Read More

CVE-2014-125011

Read Time:16 Second

A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.

Read More

CVE-2014-125002

Read Time:16 Second

A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

Read More

DSA-5164 exo – security update

Read Time:14 Second

It was discovered that exo, a support library for the Xfce desktop environment,
would allow executing remote .desktop files. In some scenario, an attacker
could use this vulnerability to trick an user an execute arbitrary code on the
platform with the privileges of that user.

Read More

SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series

Read Time:17 Second

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 17

SEC Consult Vulnerability Lab Security Advisory < 20220615-0 >
=======================================================================
title: Hardcoded Backdoor User and Outdated Software Components
product: Nexans FTTO GigaSwitch industrial/office switches HW version 5
vulnerable version: See “Vulnerable / tested versions”
fixed version: V6.02N, V7.02
CVE number: CVE-2022-32985…

Read More