MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips that stems from an incorrect boundary check in the alac decoder module, which could lead to information disclosure...

MediaTek Chip Security Breach

MediaTek chips are a variety of chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips due to incorrect error handling in the alac decoder module, which may result in out-of-bounds writes...

PT-2024-18496 · Unknown · Alac Decoder

Name of the Vulnerable Software and Affected Versions: alac decoder affected versions not specified Description: The issue is related to an incorrect error handling in the alac decoder, which could lead to a possible out of bounds write. This could result in remote escalation of privilege with no...

PT-2024-18495 · Unknown · Mp3 Decoder

Name of the Vulnerable Software and Affected Versions: mp3 decoder affected versions not specified Description: The issue is related to a possible out of bounds write due to a race condition in the mp3 decoder. This could lead to remote escalation of privilege with no additional execution...

PT-2024-18499 · Unknown · Alac Decoder

Name of the Vulnerable Software and Affected Versions: alac decoder affected versions not specified Description: In the alac decoder, there is a possible information disclosure due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges neede...

The vulnerability of the JPEG XL decoder in the FFmpeg multimedia library allows a hacker to execute arbitrary code.

The vulnerability of the JPEG XL decoder in the FFmpeg multimedia library is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

The vulnerability of the jpegxl_anim_read_packet() function in the JPEG XL decoder allows a hacker to execute arbitrary code.

The vulnerability of the jpegxlanimreadpacket function in the JPEG XL decoder, a multimedia library from FFmpeg, is related to a potential integer overflow. Exploiting this vulnerability could allow an attacker to execute arbitrary code remotely...

SUSE CVE-2024-22860

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxlanimreadpacket component in the JPEG XL Animation decoder...

CVE-2024-22860

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxlanimreadpacket component in the JPEG XL Animation decoder...

CVE-2024-22860

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxlanimreadpacket component in the JPEG XL Animation decoder...

CVE-2024-22860

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxlanimreadpacket component in the JPEG XL Animation decoder...

Integer overflow

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxlanimreadpacket component in the JPEG XL Animation decoder...

CVE-2024-22860

FFmpeg before n6.1 is vulnerable to an integer overflow in the JPEG XL Animation decoder (jpegxl_anim_read_packet), enabling remote code execution. The issue affects FFmpeg’s handling of that component and is classified as critical by CVSS v3.1 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). The vulnerabi...

CVE-2024-22860

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxlanimreadpacket component in the JPEG XL Animation decoder...

CVE-2024-22860

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxlanimreadpacket component in the JPEG XL Animation decoder...

CVE-2022-48622

In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or...

CVE-2022-48622

In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or...

AZL-34726 CVE-2022-48622 affecting package gdk-pixbuf2 for versions less than 2.42.10-2

In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or...

CVE-2022-48622

In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or...

AZL-34069 CVE-2022-48622 affecting package gdk-pixbuf2 for versions less than 2.40.0-6

In GNOME GdkPixbuf aka gdk-pixbuf through 2.42.10, the ANI Windows animated cursor decoder encounters heap memory corruption in aniloadchunk in io-ani.c when parsing chunks in a crafted .ani file. A crafted file could allow an attacker to overwrite heap metadata, leading to a denial of service or...