Windows Media Player 代码注入漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in the "Windows Media Video Decoder" in...

KLA12142 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions, spoof user interface. Below is a...

PT-2021-2742 · Microsoft · Windows Media Video Decoder +1

Name of the Vulnerable Software and Affected Versions: Windows Media Video Decoder affected versions not specified Description: The issue is related to incorrect code generation management in the Windows Media Video Decoder component of Microsoft Windows operating systems. It allows remote...

Microsoft Windows Media Player 代码注入漏洞

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A remote code execution vulnerability exists in the "Windows Media Video Decoder" in...

KLA12139 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface. Below is a complete list of...

LIM OpenEXR 输入验证错误漏洞

OpenEXR is an open-standard, high dynamic range image format that is widely used in computer graphics to store image data, but can also store some data needed for post-synthesis processing. A shift overflow vulnerability exists in FastHufDecoder in versions prior to LIM OpenEXR 3.0.0-beta, which...

Fedora 32 : jasper (2021-26cb56b3cb)

The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-26cb56b3cb advisory. - A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A speciall...

CVE-2021-3467

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened...

AZL-6494 CVE-2021-3443 affecting package jasper for versions less than 2.0.32-2

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened...

Null pointer dereference

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened...

UBUNTU-CVE-2021-3443

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.27 handled component references in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened...

CVE-2021-3467

CVE-2021-3467 is a NULL pointer dereference in Jasper’s JP2 image format decoder when handling component references in the JP2 CDEF box. A crafted JP2 image could cause an application using the Jasper library to crash. Affected: Jasper versions before 2.0.26 (per the description). Impact: crash r...

CVE-2021-3467

A NULL pointer dereference flaw was found in the way Jasper versions before 2.0.26 handled component references in CDEF box in the JP2 image format decoder. A specially crafted JP2 image file could cause an application using the Jasper library to crash when opened...

CVE-2021-3443

CVE-2021-3443 describes a NULL pointer dereference in Jasper’s JP2 image format decoder. A crafted JP2 file could cause an application using the Jasper library to crash. The description indicates the flaw exists in Jasper versions prior to 2.0.27. There is no explicit exploitation status, affecte...

JasPer 代码问题漏洞

JasPer is an open source project that aims to provide a free software-based reference implementation of the codecs specified in the JPEG-2000 Part-1 standard. A null pointer dereference vulnerability exists in versions of Jasper prior to 2.0.26. The vulnerability stems from a problem with the way...

DEBIAN-CVE-2021-27918

encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader for xml.NewTokenDecoder returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method...

AZL-79104 CVE-2021-27918 affecting package golang 1.25.7-1

encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader for xml.NewTokenDecoder returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method...

Design/Logic Flaw

encoding/xml in Go before 1.15.9 and 1.16.x before 1.16.1 has an infinite loop if a custom TokenReader for xml.NewTokenDecoder returns EOF in the middle of an element. This can occur in the Decode, DecodeElement, or Skip method...

OESA-2021-1061 openjpeg security update

Security Fixes: Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file because of incorrect j2kdecode, j2kreadeoc, and tcddecodetile...

OSV-2021-482 Heap-buffer-overflow in draco::MeshPredictionSchemeTexCoordsDecoder<int, draco::PredictionSchemeWrapDeco

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31587 Crash type: Heap-buffer-overflow WRITE 4 Crash state: draco::MeshPredictionSchemeTexCoordsDecoderint, draco::PredictionSchemeWrapDeco draco::MeshPredictionSchemeTexCoordsDecoderint, draco::PredictionSchemeWrapDeco...