RSS 생중계

CVE-2020-20893

Latest 7 days CVE Lists - 16시간 12분 지남
Buffer Overflow vulnerability in function activate in libavfilter/af_afade.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

CVE-2020-20894

Latest 7 days CVE Lists - 16시간 12분 지남
Buffer Overflow vulnerability in function gaussian_blur in libavfilter/vf_edgedetect.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

CVE-2020-20895

Latest 7 days CVE Lists - 16시간 12분 지남
Buffer Overflow vulnerability in function filter_vertically_##name in libavfilter/vf_avgblur.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

CVE-2020-20896

Latest 7 days CVE Lists - 16시간 12분 지남
An issue was discovered in function latm_write_packet in libavformat/latmenc.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a Null pointer dereference.

CVE-2020-20897

Latest 7 days CVE Lists - 16시간 12분 지남
Buffer Overflow vulnerability in function filter_slice in libavfilter/vf_bm3d.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

CVE-2020-20898

Latest 7 days CVE Lists - 16시간 12분 지남
Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

CVE-2020-20899

Latest 7 days CVE Lists - 16시간 12분 지남
Buffer Overflow vulnerability in function config_props in libavfilter/vf_bwdif.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

CVE-2020-20900

Latest 7 days CVE Lists - 16시간 12분 지남
Buffer Overflow vulnerability in function gaussian_blur in libavfilter/vf_edgedetect.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

CVE-2020-20901

Latest 7 days CVE Lists - 16시간 12분 지남
Buffer Overflow vulnerability in function filter_frame in libavfilter/vf_fieldorder.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

CVE-2020-20902

Latest 7 days CVE Lists - 16시간 12분 지남
A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c in FFmpeg 4.2.1 during computation of the denominator of pseudo-normalized correlation R'(0), that could result in disclosure of information.

CVE-2020-21468

Latest 7 days CVE Lists - 16시간 12분 지남
A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS).

CVE-2021-32265

Latest 7 days CVE Lists - 16시간 12분 지남
An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.

CVE-2021-32268

Latest 7 days CVE Lists - 16시간 12분 지남
Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac through 20200801, allows attackers to execute arbitrary code.

CVE-2020-20891

Latest 7 days CVE Lists - 16시간 12분 지남
Buffer Overflow vulnerability in function config_input in libavfilter/vf_gblur.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

CVE-2020-20892

Latest 7 days CVE Lists - 16시간 12분 지남
An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero.

Leaked Surface Pro 8 Specs Include Thunderbolt Ports and a 120 Hz Screen

Slashdot - 16시간 26분 지남
Just days ahead of Microsoft's next Surface hardware event, Twitter user @Shadlow_Leak has posted what appears to be a leaked retail listing showing some key specs of a new Surface Pro device. From a report: According to the listing, the new convertible tablet appears to ditch USB-C and USB-A ports in favor of a pair of Thunderbolt 4 ports, and it also adds 11th-gen Intel Core processors, a 13-inch screen with a 120 Hz refresh rate, and a user-replaceable SSD like the ones in some other current Surface devices. The renders show a Surface with a design similar to the current Surface Pro 7, just with a notably larger screen and smaller bezels than the current Surface Pro 7. Take this with a larger grain of salt the "screens" in these press renders are often superimposed on the devices after the fact, and they've been known to get the screen size wrong. Still, a larger screen with smaller bezels lines up with other Surface Pro 8 rumors that have been circulating, as well as general design trends in the PC industry.

Read more of this story at Slashdot.

카테고리:

Alaska Discloses 'Sophisticated' Nation-State Cyberattack on Health Service

Slashdot - 16시간 44분 지남
A nation-state cyber-espionage group has gained access to the IT network of the Alaska Department of Health and Social Service (DHSS), the agency said last week. From a report: The attack, which is still being investigated, was discovered on May 2, earlier this year, by a security firm, which notified the agency. While the DHSS made the incident public on May 18 and published two updates in June and August, the agency did not reveal any details about the intrusion until last week, when it officially dispelled the rumor that this was a ransomware attack. Instead, the agency described the intruders as a "nation-state sponsored attacker" and "a highly sophisticated group known to conduct complex cyberattacks against organizations that include state governments and health care entities."

Read more of this story at Slashdot.

카테고리:

Security updates for Monday

lwn.net - 17시간 47초 지남
Security updates have been issued by Debian (gnutls28, nettle, nextcloud-desktop, and openssl1.0), Fedora (dovecot-fts-xapian, drupal7, ghostscript, haproxy, libtpms, lynx, wordpress, and xen), openSUSE (xen), Red Hat (rh-ruby27-ruby), and SUSE (openssl, openssl1, and xen).
카테고리:

CVE-2021-39402

Latest 7 days CVE Lists - 17시간 12분 지남
MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors.

CVE-2021-40674

Latest 7 days CVE Lists - 17시간 12분 지남
An SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.

페이지

KLDP 수집기 구독하기