Vulnerabilities fixed in IBM FileNet Content manager

IBM has fixed two vulnerabilities in the PDFBox module in the FileNet Content Manager. An unauthenticated malicious person at remote can exploit the vulnerabilities to cause a denial-of-service by tricking a victim into processing a rogue PDF file or have it processed. IBM has released updates to...

CVE-2021-28547

Adobe Creative Cloud Desktop Application for macOS version 5.3 and earlier is affected by a privilege escalation vulnerability that could allow a normal user to delete the OOBE directory and get permissions of any directory under the administrator authority...

PortlandLabs Concrete CMS Cross-Site Request Forgery Vulnerability (CNVD-2021-76080)

PortlandLabs Concrete Cms is a team-oriented open source content management system for the United States PortlandLabs . A cross-site request forgery vulnerability exists in PortlandLabs Concrete CMS, which stems from a failure to validate CCM tokens when adding a save endpoint to the product's...

Denial Of Service (DoS)

gpac is vulnerable to denial of service. The vulnerability exists due a NULL pointer dereference in the function vwidboxdel located in boxcodebase.c...

CVE-2021-39591

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swfGetShapeBoundingBox located in swfshape.c. It allows an attacker to cause Denial of Service...

DEBIAN-CVE-2021-32270

An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwidboxdel located in boxcodebase.c. It allows an attacker to cause Denial of Service...

DEBIAN-CVE-2021-32269

An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilstitemboxdump located in boxdump.c. It allows an attacker to cause Denial of Service...

UBUNTU-CVE-2021-32270

An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwidboxdel located in boxcodebase.c. It allows an attacker to cause Denial of Service...

UBUNTU-CVE-2021-39591

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function swfGetShapeBoundingBox located in swfshape.c. It allows an attacker to cause Denial of Service...

gpac 代码问题漏洞

GPAC is a multimedia framework for rich media and is distributed under the LGPL license. a null pointer dereference vulnerability exists in the ilstitemboxdump function in boxdump.c in GPAC 20200801 and earlier versions. An attacker could exploit this vulnerability to cause a denial of service...

GPAC 代码问题漏洞

GPAC is a multimedia framework for rich media and is distributed under the LGPL license. vwidboxdel function in boxcodebase.c in GPAC 20200801 and earlier versions is vulnerable to null pointer dereference. An attacker could exploit this vulnerability to cause a denial of service...

GPAC null pointer dereference vulnerability (CNVD-2021-79756)

GPAC is a multimedia framework for rich media and is distributed under the LGPL license. a null pointer dereference vulnerability exists in the trakboxsize function in GPAC version 1.0.1. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted file in the...

DEBIAN-CVE-2021-33361

Memory leak in the afraboxread function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

DEBIAN-CVE-2021-33363

Memory leak in the infeboxread function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

DEBIAN-CVE-2021-32138

The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

Memory corruption

Memory leak in the infeboxread function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

UBUNTU-CVE-2021-33363

Memory leak in the infeboxread function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

UBUNTU-CVE-2021-33361

Memory leak in the afraboxread function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

UBUNTU-CVE-2021-33364

Memory leak in the defparentboxnew function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file...

DEBIAN-CVE-2021-32135

The trakboxsize function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...