Fedora 29 : mingw-libidn2 (2019-a8d35fcf7c)

Libidn 2.2.0 released 2019-05-23 ================================== - Perform A-Label roundtrip for lookup functions by default - Stricter check of input to punycode decoder - Fix punycode decoding with no ASCII chars but given delimiter - Fix idn2 --no-tr64 was a no-op - Allow as a basic code...

Fedora 30 : mingw-libidn2 (2019-d3221d69e0)

Libidn 2.2.0 released 2019-05-23 ================================== - Perform A-Label roundtrip for lookup functions by default - Stricter check of input to punycode decoder - Fix punycode decoding with no ASCII chars but given delimiter - Fix idn2 --no-tr64 was a no-op - Allow as a basic code...

Medium: libarchive

Issue Overview: libarchive 3.3.2 suffers from an out-of-bounds read within lhareaddatanone in archivereadsupportformatlha.c when extracting a specially crafted lha archive, related to lhacrc16.CVE-2017-14503 libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0...

The vulnerability of the excludedchannels() function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a intruder to compromise data integrity, gain unauthorized access to protected information, and cause service interruptions.

The vulnerability of the excludedchannels function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to the issue of data being written beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to compromise data integrity, gain unauthorized access to...

The vulnerability of the calculate_gain function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failure.

The vulnerability of the calculategain function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to an error that causes stack overflow. Exploiting this vulnerability could allow a remote attacker to compromise data integrity, gain unauthorized access to protected information, and cause...

The vulnerability of the ifilter_bank() function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a intruder to compromise data integrity, gain unauthorized access to protected information, and cause service interruptions.

The vulnerability of the ifilterbank function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to an error that causes a NULL pointer dereferencing. Exploiting this vulnerability could allow an attacker to compromise data integrity, gain unauthorized access to protected information, and...

The vulnerability of the hf_assembly function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to trigger a service failure.

The vulnerability of the hfassembly function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to a pointer arithmetic error, which leads to a memory access that goes beyond the boundaries of the memory buffer. Exploiting this vulnerability could allow an attacker to cause a system failur...

The vulnerability of the faad_resetbits() function in the software suite for working with audio files, Freeware Advanced Audio Decoder 2 (FAAD2), allows a perpetrator to compromise data integrity, gain unauthorized access to protected information, and cause service failures.

The vulnerability of the faadresetbits function in the software suite for working with audio files, Freeware Advanced Audio Decoder 2 FAAD2, is related to buffer overflows. Exploiting this vulnerability can allow an attacker to compromise data integrity, gain unauthorized access to protected...

The vulnerability of the lt_prediction function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a intruder to trigger a service failure.

The vulnerability of the ltprediction function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to a pointer arithmetic error, which leads to a memory access that goes beyond the boundaries of the memory buffer. Exploiting this vulnerability can allow an attacker to cause a service failu...

The vulnerability of the sbr_process_channel function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to trigger a service failure.

The vulnerability of the sbrprocesschannel function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to the swapping of the zero pointer. Exploiting this vulnerability could allow a hacker to cause a service failure...

The vulnerability of the ifilter_bank function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to trigger a service failure.

The vulnerability of the ifilterbank function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to the swapping of the zero pointer. Exploiting this vulnerability could allow a hacker to cause a service failure...

The vulnerability of the ic_predict component (libfaad/ic_predict.c) in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a intruder to trigger a service denial.

The vulnerability of the icpredict component libfaad/icpredict.c in the Freeware Advanced Audio Decoder 2 FAAD2 is related to the handling of a zero pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the calculate_gain() function in the Freeware Advanced Audio Decoder 2 (FAAD2) allows a intruder to compromise data integrity, gain unauthorized access to protected information, and cause service failure.

The vulnerability of the calculategain function in the Freeware Advanced Audio Decoder 2 FAAD2 is related to the escape from memory buffers. Exploiting this vulnerability could allow an attacker to compromise data integrity, gain unauthorized access to protected information, and cause service...

xvid:fuzzer-decoder: Use-of-uninitialized-value in H_Pass_8_C

Detailed Report: https://oss-fuzz.com/testcase?key=6223309649215488 Project: xvid Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-decoder Job Type: libfuzzermsanxvid Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: HPass8C interpolate8x8quarterpel decodermbinter...

xvid:fuzzer-decoder: Use-of-uninitialized-value in interpolate8x8_halfpel_v_c

Detailed Report: https://oss-fuzz.com/testcase?key=5764130241249280 Project: xvid Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-decoder Job Type: libfuzzermsanxvid Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: interpolate8x8halfpelvc interpolate16x16switch...

xvid:fuzzer-decoder: Use-of-uninitialized-value in transfer_16to8add_c

Detailed Report: https://oss-fuzz.com/testcase?key=5747899123630080 Project: xvid Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-decoder Job Type: libfuzzermsanxvid Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: transfer16to8addc decodermbdecode decodermbgmc...

libtheora:fuzzer-decoder: Use-of-uninitialized-value in TheoraDecoder::writeImage

Detailed Report: https://oss-fuzz.com/testcase?key=5706045170647040 Project: libtheora Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-decoder Job Type: libfuzzermsanlibtheora Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State: TheoraDecoder::writeImage...

xvid:fuzzer-decoder: Heap-buffer-overflow in BitstreamSkip

Detailed Report: https://oss-fuzz.com/testcase?key=5711081858662400 Project: xvid Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-decoder Job Type: libfuzzerasanxvid Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash Address: 0x626000002b40 Crash State: BitstreamSkip getdcsizelum...

xvid:fuzzer-decoder: Crash in BitstreamSkip

Detailed Report: https://oss-fuzz.com/testcase?key=5657697663320064 Project: xvid Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-decoder Job Type: libfuzzermsanxvid Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x000100000001 Crash State: BitstreamSkip bsgetspritetrajectory...

xvid:fuzzer-decoder: Crash in decoder_decode

Detailed Report: https://oss-fuzz.com/testcase?key=5651853588561920 Project: xvid Fuzzing Engine: libFuzzer Fuzz Target: fuzzer-decoder Job Type: libfuzzermsanxvid Platform Id: linux Crash Type: UNKNOWN WRITE Crash Address: 0x0000fffff801 Crash State: decoderdecode xviddecore fuzzer.cpp Sanitizer...