The vulnerability of the mp4ff_read_stts function in the software for working with audio files, known as Freeware Advanced Audio Decoder 2 (FAAD2), allows a hacker to trigger a service denial.

The vulnerability of the mp4ffreadstts function in the software suite for working with audio files, Freeware Advanced Audio Decoder 2 FAAD2, is related to improper processing of mp4 files. This can lead to excessive resource consumption by the processor. Exploiting this vulnerability could allow ...

ALPINE-CVE-2019-6956

An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. It is a buffer over-read in psmixphase in libfaad/psdec.c...

Buffer overflow

An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. It is a buffer over-read in psmixphase in libfaad/psdec.c...

CVE-2019-6956

An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. It is a buffer over-read in psmixphase in libfaad/psdec.c...

CVE-2019-6956

An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. It is a buffer over-read in psmixphase in libfaad/psdec.c...

CVE-2019-6956

An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. It is a buffer over-read in psmixphase in libfaad/psdec.c...

CVE-2019-6956

An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. It is a buffer over-read in psmixphase in libfaad/psdec.c...

CVE-2019-6956

FAAD2 2.8.8 contains CVE-2019-6956: a buffer over-read in ps_mix_phase (libfaad/ps_dec.c). Public advisories (Debian, Gentoo GLSA) link this to potential denial of service and related impacts; Debian notes several FAAD2 CVEs in older releases. The issues are fixed in later FAAD2 releases (Gentoo ...

CVE-2019-6956

An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. It is a buffer over-read in psmixphase in libfaad/psdec.c...

PT-2019-11520 · Dcmtk +3 · Dcmtk +3

Name of the Vulnerable Software and Affected Versions: DCMTK versions 3.6.3 and below Description: The issue affects the DcmRLEDecoder component, specifically the decompress function in the dcrledec.h file. It can lead to a buffer overflow, resulting in possible code execution and confirmed Denia...

openvswitch: Mishandle of group mods in lib/ofp-util.c:parse_group_prop_ntr_selection_method() allows for assertion failure

An issue was discovered in Open vSwitch OvS, 2.4.x through 2.4.1, 2.5.x through 2.5.5, 2.6.x through 2.6.3, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and2.9.x through 2.9.2, affecting the parsegrouppropntrselectionmethod in lib/ofp-util.c. On controllers with the OpenFlow 1.5 decoder enabled, a...

openvswitch: Mishandle of group mods in lib/ofp-util.c:parse_group_prop_ntr_selection_method() allows for assertion failure

An issue was discovered in Open vSwitch OvS, 2.4.x through 2.4.1, 2.5.x through 2.5.5, 2.6.x through 2.6.3, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and2.9.x through 2.9.2, affecting the parsegrouppropntrselectionmethod in lib/ofp-util.c. On controllers with the OpenFlow 1.5 decoder enabled, a...

Denial Of Service (DoS)

openvswitch is vulnerable to denial of service. An assertion failure in the parsegrouppropntrselectionmethod function in lib/ofp-util.c allows for an attacker to cause a denial of service condition in the application. This is due to an invalid group type during decoding of a group mod when the...

Denial Of Service (DoS)

haproxy is vulnerable to denial of service. An out-of-bounds read in the hpackvalididx function in HPACK decoder used for HTTP/2 allows a remote attacker to crash the service...

Denial Of Service (DoS)

tomcat-util is vulnerable to denial of service DoS attacks. The attack exists due to not proper handling of overflow in the decodeHasArray function in UTF-8 decoder...

Denial Of Service (DoS)

qemu-kvm-rhev is vulnerable to denial of service. It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the header and the payload. An attacker able to access a guest's VNC console could use this flaw to trigger a denial of servi...

ZeroMQ libzmq Code Execution Vulnerability

ZeroMQ libzmq aka 0MQ is a lightweight distributed messaging engine core library. A code execution vulnerability in the zzmq::v2decodert::sizeready in the v2decoder.cpp file in ZeroMQ libzmq version 4.2.x and 4.3.x versions prior to 4.3.1 can be exploited by an attacker to overwrite arbitrary byt...

DEBIAN-CVE-2019-6250

A pointer overflow, with code execution, was discovered in ZeroMQ libzmq aka 0MQ 4.2.x and 4.3.x before 4.3.1. A v2decoder.cpp zmq::v2decodert::sizeready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...

UBUNTU-CVE-2019-6250

A pointer overflow, with code execution, was discovered in ZeroMQ libzmq aka 0MQ 4.2.x and 4.3.x before 4.3.1. A v2decoder.cpp zmq::v2decodert::sizeready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...

ALPINE-CVE-2019-6250

A pointer overflow, with code execution, was discovered in ZeroMQ libzmq aka 0MQ 4.2.x and 4.3.x before 4.3.1. A v2decoder.cpp zmq::v2decodert::sizeready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...