CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-23903 – speex: divide by zero in read_samples() via crafted WAV file
https://notcve.org/view.php?id=CVE-2020-23903
A Divide by Zero vulnerability in the function static int read_samples of Speex v1.2 allows attackers to cause a denial of service (DoS) via a crafted WAV file. Una vulnerabilidad de división por cero en la función static int read_samples de Speex versión v1.2, permite a atacantes causar una denegación de servicio (DoS) por medio de un archivo WAV diseñado A divide-by-zero flaw was found in speex within the read_samples() at src/speexenc.c function. This flaw allows a malicious user to provide a crafted wav file and crash the speexenc utility, resulting in a denial of service. The highest threat from this vulnerability is to system availability. • https://github.com/xiph/speex/issues/13 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LXCRAYNW5ESCE2PIGTUXZNZHNYFLJ6PX https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3SEV2ZRR47GSD3M7O5PH4XEJMKJJNG2 https://access.redhat.com/security/cve/CVE-2020-23903 https://bugzilla.redhat.com/show_bug.cgi?id=2024250 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2021-3575 – openjpeg: heap-buffer-overflow in color.c may lead to DoS or arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-3575
A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg. Se encontró un desbordamiento de búfer en la región heap de la memoria en openjpeg en color.c:379:42 en sycc420_to_rgb cuando es descomprimido un archivo .j2k diseñado. Un atacante podría usar esto para ejecutar código arbitrario con los permisos de la aplicación compilada contra openjpeg A heap-based buffer overflow was found in OpenJPEG. This flaw allows an attacker to execute arbitrary code with the permissions of the application compiled against OpenJPEG. • https://bugzilla.redhat.com/show_bug.cgi?id=1957616 https://github.com/uclouvain/openjpeg/issues/1347 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ54FGM2IGAP4AWSJ22JKHOPHCR3FGYU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QB6AI7CWXWMEDZIQY4LQ6DMIEXMDOHUP https://ubuntu.com/security/CVE-2021-3575 https://access.redhat.com/security/cve/CVE-2021-3575 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-42072
https://notcve.org/view.php?id=CVE-2021-42072
An issue was discovered in Barrier before 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage further attacks that could lead to information leaks or integrity corruption. Se ha detectado un problema en Barrier versiones anteriores a 2.4.0. El componente de barreras (también se conoce como implementación del lado del servidor de Barrier) no verifica suficientemente la identificación de los clientes que se conectan. • http://www.openwall.com/lists/oss-security/2021/11/02/4 https://github.com/debauchee/barrier/releases/tag/v2.4.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CIEVNCFEFO7L3NTM4VUZB3WKYYCBTFCI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XMU3STOKHPEZSC54MZ42YBFFC2R3BU2Q • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-41771 – golang: debug/macho: invalid dynamic symbol table command can cause panic
https://notcve.org/view.php?id=CVE-2021-41771
ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. ImportedSymbols en debug/macho (para Open u OpenFat) en Go versiones anteriores a 1.16.10 y 1.17.x versiones anteriores a 1.17.3, Accede a una Ubicación de Memoria Después del Final de un Búfer, también se conoce como una situación de "out-of-bounds slice" An out of bounds read vulnerability was found in debug/macho of the Go standard library. When using the debug/macho standard library (stdlib) and malformed binaries are parsed using Open or OpenFat, it can cause golang to attempt to read outside of a slice (array) causing a panic when calling ImportedSymbols. An attacker can use this vulnerability to craft a file which causes an application using this library to crash resulting in a denial of service. • https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf https://groups.google.com/g/golang-announce/c/0fM21h43arc https://lists.debian.org/debian-lts-announce/2022/01/msg00016.html https://lists.debian.org/debian-lts-announce/2022/01/msg00017.html https://lists.debian.org/debian-lts-announce/2023/04/msg00021.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z https://lists.fedoraproject.org/archives/list/package-announce& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-41772 – golang: archive/zip: Reader.Open panics on empty string
https://notcve.org/view.php?id=CVE-2021-41772
Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field. Go versiones anteriores a 1.16.10 y 1.17.x versiones anteriores a 1.17.3, permite un pánico de archivo/zip Reader.Open por medio de un archivo ZIP diseñado que contiene un nombre no válido o un campo filename vacío A vulnerability was found in archive/zip of the Go standard library. Applications written in Go where Reader.Open (the API implementing io/fs.FS introduced in Go 1.16) can panic when parsing a crafted ZIP archive containing completely invalid names or an empty filename argument. • https://cert-portal.siemens.com/productcert/pdf/ssa-744259.pdf https://groups.google.com/g/golang-announce/c/0fM21h43arc https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OFS3M3OFB24SWPTIAPARKGPUMQVUY6Z https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ON7BQRRJZBOR5TJHURBAB3WLF4YXFC6Z https://security.gentoo.org/glsa/202208-02 https://security.netapp.com/advisory/ntap-20211210-0003 https://www.oracle.com/security-alerts/cpujul2022.html • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •