VulnCheck KEV: CVE-2019-5127

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in...

pocketdivxencoder.net Cross Site Scripting vulnerability OBB-3775684

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

jbig2enc Security Vulnerabilities

jbig2enc is an encoder for JBIG2. A security vulnerability exists in jbig2enc version v0.28, which stems from a memory segment error SEGV problem in the function jbig2addpage. An attacker could exploit this vulnerability to cause a Denial of Service DoS...

PT-2023-32951 · Php · Php

Name of the Vulnerable Software and Affected Versions: Base64 Encoder/Decoder WordPress plugin versions 0.9.2 and earlier PHP versions prior to 8.0.30 PHP versions prior to 8.1.22 PHP versions prior to 8.2.8 Description: The issue concerns a lack of CSRF check in the Base64 Encoder/Decoder...

CVE-2023-36790

Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability...

CVE-2023-36790

Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability...

Privilege escalation

Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability...

CVE-2023-36790 Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability

...

CVE-2023-36790

CVE-2023-36790 is a Windows vulnerability described as the Windows RDP Encoder Mirror Driver Elevation of Privilege vulnerability. The initial description and the MSRC entry indicate a local elevation of privilege, with a CVSSv3.1 base score of 7.8 (HIGH), attack vector LOCAL, privileges required...

Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability

...

Exploit for Out-of-bounds Write in Webmproject Libvpx

CVE-2023-5217: libvpx VP8 Encoding Heap Overflow PoC CVE-2023...

Medium: flac

Issue Overview: Buffer Overflow vulnerability in function bitwritergrow in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder. CVE-2020-22219 Affected Packages: flac Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this F...

Slackware: Security Advisory (SSA:2023-273-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OSV-2023-920 Security exception in com.github.javaparser.GeneratedJavaParser.Expression

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62731 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/sun.nio.cs.CESU8$Encoder.to3Bytes java.base/sun.nio.cs.CESU8$Encoder.encodeArrayLoop...

Google Chrome VideoEncoder av1_svc_check_reset_layer_rc_flag use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1751 Google Chrome VideoEncoder av1svccheckresetlayerrcflag use-after-free vulnerability September 25, 2023 CVE Number CVE-2023-3421 SUMMARY A use-after-free vulnerability exists in the VideoEncoder av1svccheckresetlayerrcflag functionality of Google Chrome...

GHSA-J646-GJ5P-P45G CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

Ubuntu 20.04 LTS / 22.04 LTS : FLAC vulnerability (USN-6360-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6360-1 advisory. It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a...

flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwritergrow function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder...

flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwritergrow function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder...