517 matches found
PT-2024-6072 · FFmpeg +4 · Ffmpeg +4
Name of the Vulnerable Software and Affected Versions: FFmpeg version n6.1 Description: The issue is related to a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This allows attackers to cause undefined behavior or a Denial of Service (DoS) via...
PT-2024-2670 · Yasm +2 · Yasm +2
Name of the Vulnerable Software and Affected Versions: YASM version 1.3.0.86.g9def Description: The issue in YASM is related to the expand_mmac_params function, which is associated with an uncontrolled consumption of resources. Exploitation of this issue may allow an attacker to cause a denial of...
PT-2023-32907 · Gopeak · Gopeak Masterlab
Name of the Vulnerable Software and Affected Versions: gopeak MasterLab versions up to 3.3.10 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically affecting the function sqlInjectDelete of the file app/ctrl/framework/Feature.php. The manipulation o...
PT-2023-31764 · Tenda · Tenda W9
Name of the Vulnerable Software and Affected Versions: Tenda W9 version 1.0.0.74456 CN Description: A command injection issue was discovered via the formGetDiagnoseInfo function. Recommendations: For Tenda W9 version 1.0.0.74456 CN, consider disabling the formGetDiagnoseInfo function until a patc...
PT-2023-8314 · Tenda · Tenda W9
Name of the Vulnerable Software and Affected Versions: Tenda W9 version 1.0.0.74456 CN Description: The issue is related to a stack overflow vulnerability in the formSetUplinkInfo function of the Tenda W9 wireless access point's firmware, allowing an attacker to execute arbitrary code remotely by...
PT-2023-8317 · Tenda · Tenda I29
Name of the Vulnerable Software and Affected Versions: Tenda i29 version 1.0 V1.0.0.5 Description: The issue is related to a buffer overflow in the sysTimeInfoSet function, which can be triggered via the time parameter. This can potentially allow a remote attacker to execute arbitrary code...
PT-2023-31215 · Totolink · Totolink A7000R
Name of the Vulnerable Software and Affected Versions: TOTOLink A7000R version 9.1.0u.6115 B20201022 Description: The issue is a stack overflow vulnerability. It can be exploited via the setIpPortFilterRules function. Recommendations: For TOTOLink A7000R version 9.1.0u.6115 B20201022, as a...
PT-2023-32528 · WordPress · Welcart E-Commerce
Name of the Vulnerable Software and Affected Versions: Welcart e-Commerce plugin for WordPress versions up to, and including, 2.9.6 Description: The issue allows administrators to upload .pem or .crt files to arbitrary locations on the server via the upload_certificate_file function, making it...
PT-2023-31452 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 16.01.0.124843 Description: A stack overflow issue was discovered via the function formUpgradeMeshOnline. Recommendations: For Tenda W30E version 16.01.0.124843, consider disabling the formUpgradeMeshOnline function until a...
PT-2023-30983 · Unknown · Appointment Scheduler
Name of the Vulnerable Software and Affected Versions: Appointment Scheduler version 3.0 Description: A lack of rate limiting in pjActionAjaxSend allows attackers to cause resource exhaustion. There is no information provided about the estimated number of potentially affected devices worldwide or...
PT-2023-7930 · Tinydir +1 · Tinydir +1
Name of the Vulnerable Software and Affected Versions: TinyDir versions prior to 1.2.6 Description: The issue is related to buffer overflows in the tinydir_file_open function, which can be exploited by a remote attacker to execute arbitrary code. TinyDir is a lightweight C directory and file...
PT-2023-8877 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.11 Description: The issue is related to the box_mpy function in openlink virtuoso-opensource, which allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. This is due to...
PT-2023-8880 · Openlink +4 · Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: virtuoso-opensource version 7.2.11 Description: The issue is related to insufficient input processing in the box_col_len function, which can be exploited by a remote attacker to cause a Denial of Service (DoS) after running a SELECT statement...
PT-2023-31017 · Openlink +1 · Openlink Virtuoso-Opensource +1
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.11 Description: An issue in the box_deserialize_reusing function allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. Recommendations: For openlink virtuoso-opensource...
PT-2023-8648 · Libde265 +4 · Libde265 +4
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.14 Description: The issue is related to a heap-buffer-overflow vulnerability in the derive_combined_bipredictive_merging_candidates function at motion.cc. This vulnerability may allow a remote attacker to impact the...
PT-2023-8649 · Libde265 +4 · Libde265 +4
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.14 Description: The issue is related to a global buffer overflow vulnerability in the read_coding_unit function at slice.cc. This vulnerability may allow a remote attacker to impact the confidentiality, integrity, and...
PT-2023-8338 · Libde265 +4 · Libde265 +4
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.14 Description: The issue is related to a heap-buffer-overflow vulnerability in the derive_spatial_luma_vector_prediction function. This vulnerability may allow a remote attacker to impact the confidentiality, integrity,...
PT-2023-30713 · Giflib +6 · Giflib +6
Name of the Vulnerable Software and Affected Versions: GifLib version 5.2.1 Description: The issue is related to a buffer overflow in the GifLib project, which allows a local attacker to obtain sensitive information. This is achieved via the DumpSCreen2RGB function in gif2rgb.c. Recommendations:...
PT-2023-8889 · D Link · D-Link Dir-882
Name of the Vulnerable Software and Affected Versions: D-Link DIR-882 version DIR882A1 FW130B06 Description: The issue is caused by a stack overflow in the sub_477AA0 function of the D-Link DIR-882 router's firmware. This can allow a remote attacker to cause a denial of service or execute arbitra...
PT-2023-8942 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev566-g50c2ab06f-master Description: The issue is related to the gf_filterpacket_del function in the /gpac/src/filter_core/filter.c file of the GPAC multimedia platform. It involves incorrect use of dynamic memory, which...