Lucene search
K

330 matches found

Huntr
Huntr
added 2021/12/26 10:55 a.m.20 views

Cross-site Scripting (XSS) - Stored in star7th/showdoc

Description Stored XSS via upload attachment with format .svg in File Library. Detail When opening the attachment, some format files will be rendered and loaded on the browser. So it allows executing arbitrary javascript code that was injected into attachment before. Proof of Concept PoC.svg var...

3.5CVSS0.2AI score0.00642EPSS
Exploits1
CNNVD
CNNVD
added 2021/10/21 12:0 a.m.12 views

stb 安全漏洞

stb is a single-file public domain library for C/C. stbimage.h is one of the image loaders. stb stbimage.h is vulnerable, and an attacker could use stbimage to crash the service or read up to 1024 bytes of non-contiguous heap data without controlling where it is read...

7.1CVSS5.5AI score0.0136EPSS
Exploits1References15
OSV
OSV
added 2021/07/21 6:15 p.m.1 views

UBUNTU-CVE-2020-19497

Integer overflow vulnerability in MatVarReadNextInfo5 in mat5.c in tbeu matio aka MAT File I/O Library 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts...

8.8CVSS7.3AI score0.01368EPSS
Exploits1References4
OSV
OSV
added 2021/03/05 11:2 a.m.4 views

OESA-2021-1040 audiofile security update

The Audio File Library is a C-based library for reading and writing audio files in many common formats. The Audio File Library provides a uniform API which abstracts away details of file formats and data formats. The same calls for opening a file, accessing and manipulating audio metadata e.g...

7.8CVSS7.5AI score0.03241EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2020/09/29 8:21 p.m.6 views

audiofile: NULL pointer dereference in ModuleState::setup() in modules/ModuleState.cpp allows for denial of service via crafted file

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.5CVSS5.8AI score0.03113EPSS
Exploits1References4
OSV
OSV
added 2020/09/24 4:15 p.m.3 views

CVE-2020-12840

ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php...

6.5CVSS6.7AI score0.00494EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2020/08/19 12:0 a.m.4 views

The vulnerability of the module for working with ZIP files by the zipfile Python package, which allows a hacker to trigger a denial-of-service attack

The vulnerability of the zipfile library for working with ZIP files in Python-related software packages is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using a malicious ZIP archive known as a “ZIP bomb”...

7.8CVSS6.8AI score0.0549EPSS
Exploits0References10Affected Software4
CNVD
CNVD
added 2020/03/09 12:0 a.m.2 views

Audio File Library Buffer Overflow Vulnerability

Audio File Library aka audiofile is an audio file library. A buffer overflow vulnerability exists in the 'afReadFrames' function in Audio File Library. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting...

8.8CVSS7.4AI score0.08802EPSS
Exploits0References1
Prion
Prion
added 2020/02/19 9:15 p.m.17 views

Buffer overflow

Buffer overflow in the afReadFrames function in audiofile aka libaudiofile and Audio File Library allows user-assisted remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c...

6.8CVSS8.6AI score0.08802EPSS
Exploits0References6Affected Software3
CVE
CVE
added 2020/02/19 8:27 p.m.122 views

CVE-2015-7747

CVE-2015-7747 affects the Audio File Library (audiofile/libaudiofile). The vulnerability is a buffer overflow in afReadFrames that can be triggered by a crafted audio file, potentially causing a denial of service or arbitrary code execution. The issue is corroborated across multiple feeds (includ...

8.8CVSS8.9AI score0.08802EPSS
Exploits0References6Affected Software2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for libgsf (EulerOS-SA-2019-2240)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.0133EPSS
Exploits0References2
CNVD
CNVD
added 2019/07/18 12:0 a.m.3 views

NASA CFITSIO Buffer Overflow Vulnerability

NASA CFITSIO is a FITS file subroutine library that is primarily used to read and write data files in the FITS Flexible Image Transfer System format. A buffer overflow vulnerability exists in NASA CFITSIO versions prior to 3.43. The vulnerability stems from a networked system or product performin...

9.8CVSS7.3AI score0.07172EPSS
Exploits0References1
OSV
OSV
added 2019/07/02 12:15 a.m.3 views

DEBIAN-CVE-2019-13147

In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...

6.5CVSS5.7AI score0.01913EPSS
Exploits1References1
OSV
OSV
added 2019/07/02 12:15 a.m.9 views

AZL-44760 CVE-2019-13147 affecting package audiofile 0.3.6-27

In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...

6.5CVSS6.5AI score0.01913EPSS
Exploits1References1
OSV
OSV
added 2019/07/02 12:15 a.m.22 views

CVE-2019-13147

In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...

6.5CVSS6.3AI score
Exploits0References3
Prion
Prion
added 2019/07/02 12:15 a.m.28 views

Null pointer dereference

In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...

4.3CVSS6.1AI score0.01913EPSS
Exploits1References2Affected Software2
UbuntuCve
UbuntuCve
added 2019/07/02 12:15 a.m.26 views

CVE-2019-13147

In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...

6.5CVSS6.6AI score0.01913EPSS
Exploits1References3
OSV
OSV
added 2019/07/02 12:15 a.m.1 views

UBUNTU-CVE-2019-13147

In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...

6.5CVSS6.5AI score0.01913EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2019/07/01 12:0 a.m.4 views

PT-2019-2965 · Unknown +4 · Audio File Library +4

Name of the Vulnerable Software and Affected Versions: Audio File Library versions 0.3.6 Description: The issue is related to a NULL pointer dereference bug in the ulaw2linear buf function in G711.cpp within the libmodules.a library. This bug allows an attacker to cause a denial of service via a...

8.8CVSS7.1AI score0.04654EPSS
Exploits4References59
Cvelist
Cvelist
added 2019/07/01 12:0 a.m.34 views

CVE-2019-13147

In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...

6.1AI score0.01913EPSS
Exploits1References2
Rows per page
Query Builder