» 2021 » 5월

CVE-2020-22027

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-22027

A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corruption and other potential consequences.

Source: CVE-2020-22027

CVE-2020-22023

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-22023

A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences.

Source: CVE-2020-22023

CVE-2020-22017

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-22017

A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences.

Source: CVE-2020-22017

CVE-2020-22025

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-22025

A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences.

Source: CVE-2020-22025

CVE-2020-22033

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-22033

A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service.

Source: CVE-2020-22033

CVE-2020-22022

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-22022

A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_fieldorder.c, which might lead to memory corruption and other potential consequences.

Source: CVE-2020-22022

CVE-2020-22032

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-22032

A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory corruption and other potential consequences.

Source: CVE-2020-22032

CVE-2020-12403

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-12403

A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.

Source: CVE-2020-12403

CVE-2020-10729

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-10729

A flaw was found in the use of insufficiently random values in Ansible. Two random password lookups of the same length generate the equal value as the template caching action for the same file since no re-evaluation happens. The highest threat from this vulnerability would be that all passwords are exposed at once for the file. This flaw affects Ansible Engine versions before 2.9.6.

Source: CVE-2020-10729

CVE-2020-10774

Posted on 2021년 5월 28일2021년 5월 28일 by admin

CVE-2020-10774

A memory disclosure flaw was found in the Linux kernel’s versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.

Source: CVE-2020-10774