PT-2021-6495 · Libde265 +4 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.4 Description: The issue is related to a heap buffer overflow in the mc chroma function of the libde265 video codec implementation for h.265. This can be exploited by a remote attacker using a specially crafted file,...

PT-2020-19480 · Simplejobscript.Com · Sjs

Name of the Vulnerable Software and Affected Versions: Simplejobscript.com SJS versions prior to 1.65 Description: An issue was discovered in Simplejobscript.com SJS. There is unauthenticated SQL injection via the search engine, specifically through the landing location parameter in the...

PT-2020-18478 · Fontforge +3 · Fontforge +3

Name of the Vulnerable Software and Affected Versions: FontForge version 20190801 Description: The issue is a heap-based buffer overflow in the Type2NotDefSplines function in splinesave.c. This occurs due to improper handling of data, leading to a potential overflow. Recommendations: For FontForg...

PT-2019-6186 · Struktur Ag +4 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.4 Description: The issue is related to a heap buffer overflow in the put weighted pred avg 16 fallback function of the libde265 video codec implementation. This can be exploited by a remote attacker using a specially...

PT-2019-6198 · None +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: libde265 version v1.0.4 Description: The issue is related to a heap buffer overflow in the put epel hv fallback function, which can be exploited via a crafted file, potentially allowing a remote attacker to cause a denial of service...

PT-2019-6184 · None +4 · Libde265 +4

Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.4 Description: The issue is related to a heap buffer overflow in the put weighted bipred 16 fallback function of the libde265 video codec implementation. This can be exploited by a remote attacker using a specially crafte...

CVE-2019-5266

Huawei Share function in P30 9.1.0.193C00E190R2P1 smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploit may cause the function will be disabled...

PT-2019-15978 · Libspiro · Libspiro

Name of the Vulnerable Software and Affected Versions: Libspiro versions prior to 20190731 Description: The issue is related to a stack-based buffer overflow in the spiro to bpath0 function, located in the spiro.c file. This overflow can potentially lead to an out-of-bounds write. Recommendations...

PT-2019-15894 · Libsixel +1 · Libsixel +1

Name of the Vulnerable Software and Affected Versions: libsixel version 1.8.2 Description: A heap-based buffer overflow issue was found in the sixel decode raw impl function at fromsixel.c. Recommendations: For libsixel version 1.8.2, consider disabling the sixel decode raw impl function as a...

PT-2019-5324 · Poppler +6 · Poppler +6

Name of the Vulnerable Software and Affected Versions: Poppler versions through 0.78.0 Description: The issue is related to a divide-by-zero error in the SplashOutputDev::tilingPatternFill function at SplashOutputDev.cc. This error can be exploited by a remote attacker to cause a denial of servic...

PT-2019-2865 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8-50 Description: The issue is related to a heap-based buffer overflow in the EvaluateImages function of the MagickCore/statistic.c module. This can be exploited by a remote attacker using a specially crafted image,...

PT-2019-1678 · Red Hat +5 · Elfutils +6

Name of the Vulnerable Software and Affected Versions: elfutils version 0.175 Description: A heap-based buffer over-read was discovered in the elf32 xlatetom function in libelf. This issue can be triggered by a crafted ELF input, causing a segmentation fault that leads to a denial of service...

PT-2019-4614 · FFmpeg +3 · Ffmpeg +3

Name of the Vulnerable Software and Affected Versions: FFmpeg versions 3.2 through 4.1 Description: The issue is related to a denial of service in the subtitle decoder, allowing attackers to consume excessive CPU resources via a crafted video file in Matroska format. This is due to the ff...

PT-2018-14538 · Guardzilla · Guardzilla Gz621W

Name of the Vulnerable Software and Affected Versions: Guardzilla GZ621W version 0.5.1.4 Description: The issue is related to a Buffer Overflow in the TK set deviceModel req handle function, which is part of the cloud communication component. Recommendations: For Guardzilla GZ621W version 0.5.1.4...

PT-2023-14945 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.1-DEV-rev505-gb9577e6ad-master Description: A memory leak was discovered in GPAC via the gf isom box parse ex function at box funcs.c. This issue may allow for unauthorized access or other malicious activities. Recommendations:...

PT-2022-11275 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 1.0.1 Description: The issue allows attackers to cause a denial of service via a crafted file in the MP4Box command, specifically through the gf bs write data function. Recommendations: For GPAC version 1.0.1, consider disabling...

PT-2023-15166 · Unknown +2 · Gpac Mp4Box +2

Name of the Vulnerable Software and Affected Versions: GPAC MP4box version 2.1-DEV-rev574-g9d5bb184b Description: The issue is related to a heap use-after-free vulnerability. It occurs via the file filters/dmx m2ts.c at line 470 in the m2tsdmx declare pid function. This vulnerability can be...

PT-2022-18248 · Unknown +1 · Gpac Mp4Box +1

Name of the Vulnerable Software and Affected Versions: GPAC mp4box version 1.1.0-DEV-rev1759-geb2d1e6dd Description: The issue is a heap-buffer-overflow vulnerability in the function gf isom apple enum tag. This vulnerability can be exploited, but no specific details about the estimated number of...

PT-2023-15159 · Unknown +1 · Gpac Mp4Box +1

Name of the Vulnerable Software and Affected Versions: GPAC MP4Box version 2.1-DEV-rev574-g9d5bb184b Description: The issue is related to a segmentation violation via the function gf sm load init swf at scene manager/swf parse.c. No information is provided about the estimated number of potentiall...

PT-2022-26725 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.1-DEV-rev368-gfd054169b-master Description: A segmentation violation was discovered in GPAC via the function BD CheckSFTimeOffset at /bifs/field decode.c. Recommendations: For GPAC version 2.1-DEV-rev368-gfd054169b-master,...