3642 matches found
UBUNTU-CVE-2021-32132
The abstboxsize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command...
GPAC Code Issue Vulnerability
GPAC is a multimedia framework for rich media and is distributed under the LGPL license. The abstboxsize function in GPAC version 1.0.1 is vulnerable to a null pointer dereference. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted file in the MP4Box comma...
GPAC Code Issue Vulnerability
GPAC is a multimedia framework for rich media and is distributed under the LGPL license. A null pointer dereference vulnerability exists in the trakboxsize function in GPAC version 1.0.1. An attacker could exploit this vulnerability to cause a denial of service via a specially crafted file in the...
GPAC Buffer Error Vulnerability
GPAC is a multimedia framework for rich media and is distributed under the LGPL license. A memory leak vulnerability exists in the afraboxread function in MP4Box in GPAC version 1.0.1. An attacker could exploit the vulnerability to read memory via specially crafted files...
PT-2021-6519 · Gpac · Gpac
Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue is related to a memory leak in the infe box read function of the MP4Box component in the GPAC multimedia platform. This allows attackers to read memory via a crafted file, potentially giving them acce...
PT-2021-6545 · Gpac · Gpac
Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue is related to a memory leak in the def parent box new function of the MP4Box component in the GPAC multimedia platform. This leak occurs due to incorrect memory deallocation before the last reference...
PT-2021-6535 · Gpac · Gpac
Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue is related to a memory leak in the afra box read function in MP4Box, a component of the GPAC multimedia platform. This allows attackers to read memory via a crafted file, potentially giving them acces...
DEBIAN-CVE-2020-19750
An issue was discovered in gpac 0.8.0. The strdup function in boxcodebase.c has a heap-based buffer over-read...
Solarwinds Orion Platform Cross-Site Scripting Vulnerability (CNVD-2021-69606)
Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. Solarwinds Orion Platform has a cross-site scripting vulnerability that attackers can exploit to store XSS via text box hyperlinks...
Cross site scripting
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box...
CVE-2020-20345
WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box...
CVE-2021-35239
A security researcher found a user with Orion map manage rights could store XSS via a text box hyperlink...
CVE-2021-35239 Stored XSS in Maps text box hyperlink Vulnerability
A security researcher found a user with Orion map manage rights could store XSS via a text box hyperlink...
GHSA-3VJM-36RR-7QRQ NULL Pointer Dereference in cbox
An issue was discovered in the cbox crate through 2020-03-19 for Rust. The CBox API allows dereferencing raw pointers without a requirement for unsafe code...
Data race in abox
Affected versions of this crate implement Send/Sync for AtomicBox without requiring T: Send/T: Sync. This allows creating data races to T: !Sync and sending T: !Send to another thread. Such behavior breaks the compile-time thread safety guarantees of Rust, and allows users to incur undefined...
UBUNTU-CVE-2020-18899
An uncontrolled memory allocation in DataBufdatasubBox.length-sizeofbox function of Exiv2 0.27 allows attackers to cause a denial of service (DOS) via a crafted input...
pdfbox: OutOfMemory-Exception while loading a crafted PDF file
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions...
DEBIAN-CVE-2021-21859
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The striboxread function is used when processing atoms using the 'stri' FOURCC code. An attacker can convince a user to open a video to trigger...
UBUNTU-CVE-2021-21859
An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The striboxread function is used when processing atoms using the 'stri' FOURCC code. An attacker can convince a user to open a video to trigger...