A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
Category Archives: Advisories
CVE-2014-125008
A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125009
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125010
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125011
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125002
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
DSA-5164 exo – security update
It was discovered that exo, a support library for the Xfce desktop environment,
would allow executing remote .desktop files. In some scenario, an attacker
could use this vulnerability to trick an user an execute arbitrary code on the
platform with the privileges of that user.
SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 17
SEC Consult Vulnerability Lab Security Advisory < 20220615-0 >
=======================================================================
title: Hardcoded Backdoor User and Outdated Software Components
product: Nexans FTTO GigaSwitch industrial/office switches HW version 5
vulnerable version: See “Vulnerable / tested versions”
fixed version: V6.02N, V7.02
CVE number: CVE-2022-32985…
dotnet6.0-6.0.106-1.fc35
FEDORA-2022-48ab445ac5
Packages in this update:
dotnet6.0-6.0.106-1.fc35
Update description:
This is the June 2022 monthly release for .NET 6. This updates .NET SDK to 6.0.106 and Runtime to 6.0.6.
It includes at least one known security fix.
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.6/6.0.6.md
dotnet6.0-6.0.106-1.fc36
FEDORA-2022-a14a16369d
Packages in this update:
dotnet6.0-6.0.106-1.fc36
Update description:
This is the June 2022 monthly release for .NET 6. This updates .NET SDK to 6.0.106 and Runtime to 6.0.6.
It includes at least one known security fix.
Upstream release notes: https://github.com/dotnet/core/blob/main/release-notes/6.0/6.0.6/6.0.6.md