Lucene search

521 matches found

Positive Technologies
added 2022/01/14 12:0 a.m. · 8 views

PT-2022-12393 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 1.1.0 Description: The issue is related to an invalid call in the gf node changed function, which can lead to a Denial of Service (DoS). Recommendations: For GPAC version 1.1.0, consider disabling the gf node changed function as a...

CVSS 9.8 · AI score 7.2 · EPSS 0.01461
Exploits: 98 · References: 239

Positive Technologies
added 2022/01/14 12:0 a.m. · 2 views

PT-2022-12508 · Gnu +3 · Gnu Recutils +3

Name of the Vulnerable Software and Affected Versions: GNU Recutils version 1.8.90 Description: The issue is related to a Use-After-Free vulnerability in the rec mset elem destroy function at rec-mset.c. This vulnerability can lead to a segmentation fault or application crash. Recommendations: F...

CVSS 8.8 · AI score 6.6 · EPSS 0.00236
Exploits: 13 · References: 44

Positive Technologies
added 2022/01/06 12:0 a.m. · 2 views

PT-2022-12524 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: A Pointer Dereference Vulnerability exists in the gf list count function, which causes a Denial of Service. Recommendations: For GPAC version 1.0.1, consider disabling the gf list count function as a temporary...

CVSS 9.8 · AI score 7.4 · EPSS 0.01461
Exploits: 98 · References: 240

Positive Technologies
added 2021/12/22 12:0 a.m. · 2 views

PT-2021-14827 · Unknown · Ic Module Cma

Name of the Vulnerable Software and Affected Versions: iC Module CMA version 5.0 Description: A stack-based buffer overflow issue exists in the CMA check udp crc function. This can be triggered by a specially-crafted packet, leading to a buffer overflow during a call to memcpy. An attacker can...

CVSS 9.8 · AI score 9.3 · EPSS 0.00196
Exploits: 1 · References: 4

Positive Technologies
added 2021/11/17 12:0 a.m. · 2 views

PT-2021-20145 · Gocr +1 · Gocr +1

Name of the Vulnerable Software and Affected Versions: gocr versions 0.53 through 0.53-20200802 Description: A stack-based buffer overflow issue was found in the try to divide boxes function in pgm2asc.c. This issue can potentially be exploited. Recommendations: For gocr versions 0.53 through...

CVSS 7.8 · AI score 7.6 · EPSS 0.00268
Exploits: 1 · References: 14

Positive Technologies
added 2021/10/01 12:0 a.m. · 2 views

PT-2021-23301 · Mp4Box · Mp4Box

Name of the Vulnerable Software and Affected Versions: MP4Box version 1.0.1 Description: The issue is a stack buffer overflow in the nhmldmx send sample function, specifically with the szXmlTo parameter, located at src/filters/dmx nhml.c:1004. This leads to a denial of service vulnerability...

CVSS 9.8 · AI score 7.6 · EPSS 0.01461
Exploits: 98 · References: 241

Positive Technologies
added 2021/08/12 12:0 a.m. · 3 views

PT-2021-21772 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.6.0 TensorFlow versions 2.5.1 and earlier TensorFlow versions 2.4.3 and earlier TensorFlow versions 2.3.4 and earlier Description: TensorFlow is an end-to-end open source platform for machine learning. In affect...

CVSS 9.3 · AI score 5.7 · EPSS 0.01023
Exploits: 5 · References: 88

Positive Technologies
added 2021/07/22 12:0 a.m. · 2 views

PT-2021-6726 · Lwip · Lwip

Name of the Vulnerable Software and Affected Versions: lwIP version git head Description: A buffer overflow vulnerability in the icmp6 send response with addrs and netif function allows attackers to access sensitive information via a crafted ICMPv6 packet. The issue is related to the copying of a...

CVSS 7.8 · AI score 7.6 · EPSS 0.00286
Exploits: 0 · References: 20

Positive Technologies
added 2021/07/22 12:0 a.m. · 2 views

PT-2021-7728 · Hdf5 +3 · Hdf5 +3

Name of the Vulnerable Software and Affected Versions: HDF5 versions 1.12.0 through 1.13.0 Description: The issue is related to a buffer overflow in the h5tools str sprint function, located in /hdf5/tools/lib/h5tools str.c, which can cause a denial of service. This can be exploited by a remote...

CVSS 9.8 · AI score 6.9 · EPSS 0.01323
Exploits: 8 · References: 112

Positive Technologies
added 2021/07/07 12:0 a.m. · 2 views

PT-2021-6710 · Gifsicle +2 · Gifsicle +2

Name of the Vulnerable Software and Affected Versions: gifsicle version 1.92 Description: The issue is related to a NULL pointer dereference in the find color or error function. This can be exploited by a remote attacker to cause a denial of service. Recommendations: For gifsicle version 1.92,...

CVSS 9.8 · AI score 8.2 · EPSS 0.00497
Exploits: 2 · References: 24

Positive Technologies
added 2021/07/06 12:0 a.m. · 2 views

PT-2024-11315 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 20798dfe249a Description: A NULL dereference vulnerability has been resolved in the Linux kernel. The issue occurs in the nfsd component, specifically in the nfs3svc encode getaclres function, where the dentry m...

CVSS 5.5 · AI score 6.2 · EPSS 0.00055
Exploits: 0 · References: 15

Positive Technologies
added 2021/05/11 12:0 a.m. · 2 views

PT-2021-3118

Name of the Vulnerable Software and Affected Versions DjVuLibre versions 3.5.28 and earlier Description A flaw was found in the function DJVU::GBitmap::decode that handles crafted djvu files, leading to a heap buffer overflow. This may cause an application crash and potentially allow a remote...

CVSS 10 · AI score 7.3 · EPSS 0.04581
Exploits: 7 · References: 112

Positive Technologies
added 2021/04/20 12:0 a.m. · 4 views

PT-2021-11749 · Wondercms · Wondercms

Name of the Vulnerable Software and Affected Versions: WonderCMS version 3.1.3 Description: A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php allows remote attackers to execute arbitrary code via a crafted URL to the theme/plugin installe...

CVSS 9.8 · AI score 9.6 · EPSS 0.06608
Exploits: 2 · References: 9

Positive Technologies
added 2021/03/04 12:0 a.m. · 3 views

PT-2021-7754 · Stb +3 · Stb +3

Name of the Vulnerable Software and Affected Versions: stb versions 2.26 Description: The issue is related to a buffer overflow vulnerability in the stbi extend receive function of the stb image.h component in the stb library for C/C++. This vulnerability can be exploited by a remote attacker usi...

CVSS 9.3 · AI score 6.2 · EPSS 0.01116
Exploits: 6 · References: 77

Positive Technologies
added 2021/02/19 12:0 a.m. · 3 views

PT-2021-3581 · Selinux +6 · Selinux +6

Name of the Vulnerable Software and Affected Versions: SELinux version 3.2 Description: The issue is related to a use-after-free in the cil verify classperms function of the SELinux access control system. This can potentially allow an attacker to cause a denial of service. The cil verify classper...

CVSS 3.3 · AI score 4.5 · EPSS 0.00024
Exploits: 4 · References: 48

Positive Technologies
added 2021/02/08 12:0 a.m. · 2 views

PT-2021-11931 · Libmysofa +1 · Libmysofa +1

Name of the Vulnerable Software and Affected Versions: libmysofa versions 0.5 through 1.1 Description: The issue arises from incorrect handling of input data in the changeAttribute function, which can lead to a NULL pointer dereference and result in a segmentation fault error when restrictive...

CVSS 9.8 · AI score 6.7 · EPSS 0.01446
Exploits: 9 · References: 67

Positive Technologies
added 2021/02/05 12:0 a.m. · 2 views

PT-2021-7604 · Unknown +1 · Cgal Libcgal +1

Name of the Vulnerable Software and Affected Versions: CGAL libcgal version 5.1.1 Description: The issue is related to the Nef polygon-parsing functionality in CGAL libcgal. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, potentially resulting in code...

CVSS 10 · AI score 9.5 · EPSS 0.04334
Exploits: 42 · References: 111

Positive Technologies
added 2021/02/01 12:0 a.m. · 2 views

PT-2021-2030 · Xopen · Xopen

Name of the Vulnerable Software and Affected Versions: xopen versions all Description: The issue is related to a command injection vulnerability in the xopenfilepath function. This vulnerability exists due to the lack of neutralization of special elements used in the operating system command...

CVSS 10 · AI score 9.7 · EPSS 0.00513
Exploits: 1 · References: 9

Positive Technologies
added 2020/11/29 12:0 a.m. · 2 views

PT-2020-6398 · Openexr · Openexr

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 3.0.1 Description: A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR. This issue allows an attacker to execute arbitrary code with the permissions of the user running the application...

CVSS 8.8 · AI score 6.8 · EPSS 0.01016
Exploits: 0 · References: 35

Positive Technologies
added 2020/10/27 12:0 a.m. · 2 views

PT-2020-6473 · Academy Software Foundation +5 · Openexr +5

Name of the Vulnerable Software and Affected Versions: Academy Software Foundation OpenEXR version 2.3.0 Description: A heap-based buffer overflow issue exists in the chunkOffsetReconstruction function within the ImfMultiPartInputFile.cpp file. This can cause a denial of service when a crafted EX...

CVSS 8.8 · AI score 6.2 · EPSS 0.01029
Exploits: 15 · References: 142