43 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-14589
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in Bento4 1.5.1-624. AP4Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read. CVE-2018-14589...
Linux Distros Unpatched Vulnerability : CVE-2018-14545
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists one invalid memory read bug in AP4SampleDescription::GetType in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2018-14531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Bento4 1.5.1-624. There is an unspecified heap-buffer-overflow crash in the AP4HvccAtom class in Core/Ap4HvccAtom.cpp. CVE-2018-14531...
Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2024-624)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-624 advisory. The vulnerability allows a remote attacker to bypass implemented security restrictions. The vulnerability exists due to the way PHP handles HTTP variable names. A remote attacker can set a...
Debian: Security Advisory (DLA-624-1)
The remote host is missing an update for the Debian...
Cross-site Scripting in Jenkins Core
Jenkins through 2.93 allows remote authenticated administrators to conduct XSS attacks via a crafted tool name in a job configuration form, as demonstrated by the JDK tool in Jenkins core and the Ant tool in the Ant plugin, aka SECURITY-624...
navegantesprev.sc.gov.br Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1048817. Security Researcher raviakp1004 (helped patch 624 vulnerabilities; received 4 Coordinated Disclosure badges; received 5 recommendations), a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting navegantesprev.sc.gov.br...
Bento4 Buffer Overflow Vulnerability (CNVD-2018-14699)
Bento4 is an open source C++ library for reading and writing MP4 files. A heap buffer overflow vulnerability exists in AP4AvccAtom::Create in the Core/Ap4AvccAtom.cpp file in Bento4 version 1.5.1-624. An attacker can exploit this vulnerability to cause a heap buffer out-of-bounds read...
UBUNTU-CVE-2018-14584
An issue has been discovered in Bento4 1.5.1-624. AP4AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read...
CVE-2018-14587
An issue has been discovered in Bento4 1.5.1-624. AP4MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read...
CVE-2018-14544
There exists one invalid memory read bug in AP4SampleDescription::GetFormat in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts...
Design/Logic Flaw
There exists one invalid memory read bug in AP4SampleDescription::GetType in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts...
Design/Logic Flaw
There exists one invalid memory read bug in AP4SampleDescription::GetFormat in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts...
CVE-2018-14543
There exists one NULL pointer dereference vulnerability in AP4JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump...
Bento4 Null Pointer Dereference Vulnerability
Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. A null pointer dereference vulnerability exists in AP4JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can be exploited by an attacker to cause a denial of service via specially crafted mp4 files...
Bento4 Invalid Memory Read Vulnerability
Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. An invalid memory read vulnerability exists in AP4SampleDescription::GetType in Ap4SampleDescription.h in Bento4 1.5.1-624, which can be exploited by an attacker to cause a denial of service via specially crafted mp4...
CVE-2018-14445
Summary: Bento4 library (v1.5.1-624) contains a vulnerability in AP4_File::ParseStream (Ap4File.cpp) that allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file. The issue is documented across multiple sources (NVD, CNVD, OSV, Ubuntu listings). The connected d...
UBUNTU-CVE-2018-13846
An issue has been found in Bento4 1.5.1-624. AP4Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-2018-14532...