
521 matches found

Positive Technologies
added 2020/05/09 12:0 a.m. · 2 views

PT-2020-6929

Name of the Vulnerable Software and Affected Versions: libcroco versions 0.6.13 and earlier Description: The issue is related to the cr_parser_parse_any_core function in the cr-parser.c component of the libcroco library, which is used for working with cascading style sheets (CSS2). It is associated...

8.5 CVSS · 6.5 AI score · 0.04749 EPSS
Exploits 1 · References 58

Positive Technologies
added 2020/04/21 12:0 a.m. · 3 views

PT-2020-12955 · Iqrouter · Iqrouter

Name of the Vulnerable Software and Affected Versions: IQrouter versions 3.3.1 and earlier Description: The issue allows remote attackers to change the root password arbitrarily using the Lua function diag_set_password in the web-panel. This can occur on a brand-new network that has not been...

7.5 CVSS · 7.1 AI score · 0.00593 EPSS
Exploits 3 · References 7

Positive Technologies
added 2020/03/22 12:0 a.m. · 2 views

PT-2020-6978 · Hdf5 +4 · Hdf5 +4

Name of the Vulnerable Software and Affected Versions: HDF5 versions prior to 1.12.1 Description: An issue exists in the function H5F_get_nrefs located in H5Fquery.c, which is related to a NULL pointer dereference. This issue allows an attacker to cause Denial of Service. Recommendations: For...

9.8 CVSS · 6.9 AI score · 0.01323 EPSS
Exploits 15 · References 149

Positive Technologies
added 2020/02/28 12:0 a.m. · 2 views

PT-2021-6495 · Libde265 +4 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.4 Description: The issue is related to a heap buffer overflow in the mc_chroma function of the libde265 video codec implementation for H.265. This can be exploited by a remote attacker using a specially crafted file,...

9.8 CVSS · 6.7 AI score · 0.00482 EPSS
Exploits 46 · References 188

Positive Technologies
added 2020/01/21 12:0 a.m. · 3 views

PT-2020-19480 · Simplejobscript.Com · Sjs

Name of the Vulnerable Software and Affected Versions: Simplejobscript.com SJS versions prior to 1.65 Description: An issue was discovered in Simplejobscript.com SJS. There is unauthenticated SQL injection via the search engine, specifically through the landing_location parameter in the...

9.8 CVSS · 9.8 AI score · 0.00335 EPSS
Exploits 0 · References 3

Positive Technologies
added 2020/01/03 12:0 a.m. · 4 views

PT-2020-18478 · Fontforge +3 · Fontforge +3

Name of the Vulnerable Software and Affected Versions: FontForge version 20190801 Description: The issue is a heap-based buffer overflow in the Type2NotDefSplines function in splinesave.c. This occurs due to improper handling of data, leading to a potential overflow. Recommendations: For FontForg...

9.8 CVSS · 6.8 AI score · 0.01592 EPSS
Exploits 5 · References 42

Positive Technologies
added 2019/12/24 12:0 a.m. · 2 views

PT-2019-6186 · Struktur Ag +4 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.4 Description: The issue is related to a heap buffer overflow in the put_weighted_pred_avg_16_fallback function of the libde265 video codec implementation. This can be exploited by a remote attacker using a specially...

9.8 CVSS · 6.8 AI score · 0.00482 EPSS
Exploits 46 · References 186

Positive Technologies
added 2019/12/24 12:0 a.m. · 2 views

PT-2019-6198 · None +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: libde265 version v1.0.4 Description: The issue is related to a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted file, potentially allowing a remote attacker to cause a denial of service...

9.8 CVSS · 6.7 AI score · 0.00482 EPSS
Exploits 46 · References 178

Positive Technologies
added 2019/12/24 12:0 a.m. · 2 views

PT-2019-6184 · None +4 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.4 Description: The issue is related to a heap buffer overflow in the put_weighted_bipred_16_fallback function of the libde265 video codec implementation. This can be exploited by a remote attacker using a specially crafte...

9.8 CVSS · 6.9 AI score · 0.00482 EPSS
Exploits 46 · References 186

OSV
added 2019/12/23 6:15 p.m. · 2 views

CVE-2019-5266

The Huawei Share function in the P30 9.1.0.193C00E190R2P1 smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploitation may cause the function to be disabled...

7.5 CVSS · 7.1 AI score · 0.0058 EPSS
Exploits 0 · References 1

Positive Technologies
added 2019/12/17 12:0 a.m. · 2 views

PT-2019-15978 · Libspiro · Libspiro

Name of the Vulnerable Software and Affected Versions: Libspiro versions prior to 20190731 Description: The issue is related to a stack-based buffer overflow in the spiro_to_bpath0 function, located in the spiro.c file. This overflow can potentially lead to an out-of-bounds write. Recommendations...

8.1 CVSS · 8 AI score · 0.00385 EPSS
Exploits 1 · References 8

Positive Technologies
added 2019/12/08 12:0 a.m. · 2 views

PT-2019-15894 · Libsixel +1 · Libsixel +1

Name of the Vulnerable Software and Affected Versions: libsixel version 1.8.2 Description: A heap-based buffer overflow issue was found in the sixel_decode_raw_impl function at fromsixel.c. Recommendations: For libsixel version 1.8.2, consider disabling the sixel_decode_raw_impl function as a...

9.8 CVSS · 6.1 AI score · 0.00937 EPSS
Exploits 21 · References 61

Positive Technologies
added 2019/07/11 12:0 a.m. · 3 views

PT-2019-5324 · Poppler +6 · Poppler +6

Name of the Vulnerable Software and Affected Versions: Poppler versions through 0.78.0 Description: The issue is related to a divide-by-zero error in the SplashOutputDev::tilingPatternFill function at SplashOutputDev.cc. This error can be exploited by a remote attacker to cause a denial of servic...

9.8 CVSS · 6 AI score · 0.03439 EPSS
Exploits 22 · References 190

Positive Technologies
added 2019/07/05 12:0 a.m. · 3 views

PT-2019-2865 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8-50 Description: The issue is related to a heap-based buffer overflow in the EvaluateImages function of the MagickCore/statistic.c module. This can be exploited by a remote attacker using a specially crafted image,...

9.8 CVSS · 7.1 AI score · 0.02588 EPSS
Exploits 65 · References 469

Positive Technologies
added 2019/06/21 12:0 a.m. · 2 views

PT-2019-6376

Name of the Vulnerable Software and Affected Versions: Linux kernel version 5.0.21 Description: The issue is related to the index_rbio_pages function in the fs/btrfs/raid56.c module of the btrfs filesystem in the Linux operating system. It involves a slab-out-of-bounds write access when mounting a...

7.8 CVSS · 7.3 AI score · 0.00467 EPSS
Exploits 1 · References 17

Positive Technologies
added 2019/01/12 12:0 a.m. · 2 views

PT-2019-1678 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils version 0.175 Description: A heap-based buffer over-read was discovered in the elf32_xlatetom function in libelf. This issue can be triggered by a crafted ELF input, causing a segmentation fault that leads to a denial of service...

9.8 CVSS · 5.8 AI score · 0.01961 EPSS
Exploits 19 · References 191

Positive Technologies
added 2019/01/06 12:0 a.m. · 2 views

PT-2019-4614 · FFmpeg +3 · Ffmpeg +3

Name of the Vulnerable Software and Affected Versions: FFmpeg versions 3.2 through 4.1 Description: The issue is related to a denial of service in the subtitle decoder, allowing attackers to consume excessive CPU resources via a crafted video file in Matroska format. This is due to the ff...

10 CVSS · 7 AI score · 0.22 EPSS
Exploits 3 · References 60

Positive Technologies
added 2018/12/31 12:0 a.m. · 3 views

PT-2018-14538 · Guardzilla · Guardzilla Gz621W

Name of the Vulnerable Software and Affected Versions: Guardzilla GZ621W version 0.5.1.4 Description: The issue is related to a Buffer Overflow in the TK_set_deviceModel_req_handle function, which is part of the cloud communication component. Recommendations: For Guardzilla GZ621W version 0.5.1.4...

8.1 CVSS · 7.9 AI score · 0.00459 EPSS
Exploits 0 · References 3

Positive Technologies
added 2018/12/19 12:0 a.m. · 2 views

PT-2023-14945 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.1-DEV-rev505-gb9577e6ad-master Description: A memory leak was discovered in GPAC via the gf_isom_box_parse_ex function at box_funcs.c. This issue may allow for unauthorized access or other malicious activities. Recommendations:...

9.8 CVSS · 7.6 AI score · 0.01461 EPSS
Exploits 93 · References 237

Positive Technologies
added 2018/12/19 12:0 a.m. · 2 views

PT-2022-11275 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue allows attackers to cause a denial of service via a crafted file in the MP4Box command, specifically through the gf_bs_write_data function. Recommendations: For GPAC version 1.0.1, consider disabling...

9.8 CVSS · 7.4 AI score · 0.01461 EPSS
Exploits 150 · References 371