AZL-52587 CVE-2024-21538 affecting package js-jquery 3.5.0-4

Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service ReDoS due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string...

Heap-based Buffer Overflow

libgpac.so is vulnerable to Heap-based Buffer Overflow. The vulnerability is due to improper input size validation within the ffwrite component function in utils/osfile.c, which allows remote attackers to execute arbitrary code or cause a Denial of Service DoS through crafted input...

CVE-2024-27660

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a Null-pointer dereferences in sub41C488. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2023-24755

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the putweightedpred8fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input file...

CVE-2023-24757

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the putunweightedpred16fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input file...

Null pointer dereference

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mcchroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input file...

CVE-2023-24757

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the putunweightedpred16fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input file...

CVE-2023-24755

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the putweightedpred8fallback function at fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input file...

CVE-2023-24758

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ffhevcputweightedpredavg8sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input file...

CVE-2023-24754

libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ffhevcputweightedpredavg8sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input file...

Input validation

An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4HdlrAtom::AP4HdlrAtom which allows attackers to cause a Denial of Service DoS via a crafted input...