330 matches found
Cross-site Scripting (XSS) - Stored in star7th/showdoc
Description Stored XSS via upload attachment with format .svg in File Library. Detail When opening the attachment, some format files will be rendered and loaded on the browser. So it allows executing arbitrary javascript code that was injected into attachment before. Proof of Concept PoC.svg var...
stb 安全漏洞
stb is a single-file public domain library for C/C. stbimage.h is one of the image loaders. stb stbimage.h is vulnerable, and an attacker could use stbimage to crash the service or read up to 1024 bytes of non-contiguous heap data without controlling where it is read...
UBUNTU-CVE-2020-19497
Integer overflow vulnerability in MatVarReadNextInfo5 in mat5.c in tbeu matio aka MAT File I/O Library 1.5.17, allows attackers to cause a Denial of Service or possibly other unspecified impacts...
OESA-2021-1040 audiofile security update
The Audio File Library is a C-based library for reading and writing audio files in many common formats. The Audio File Library provides a uniform API which abstracts away details of file formats and data formats. The same calls for opening a file, accessing and manipulating audio metadata e.g...
audiofile: NULL pointer dereference in ModuleState::setup() in modules/ModuleState.cpp allows for denial of service via crafted file
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
CVE-2020-12840
ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php...
The vulnerability of the module for working with ZIP files by the zipfile Python package, which allows a hacker to trigger a denial-of-service attack
The vulnerability of the zipfile library for working with ZIP files in Python-related software packages is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions using a malicious ZIP archive known as a “ZIP bomb”...
Audio File Library Buffer Overflow Vulnerability
Audio File Library aka audiofile is an audio file library. A buffer overflow vulnerability exists in the 'afReadFrames' function in Audio File Library. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting...
Buffer overflow
Buffer overflow in the afReadFrames function in audiofile aka libaudiofile and Audio File Library allows user-assisted remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c...
CVE-2015-7747
CVE-2015-7747 affects the Audio File Library (audiofile/libaudiofile). The vulnerability is a buffer overflow in afReadFrames that can be triggered by a crafted audio file, potentially causing a denial of service or arbitrary code execution. The issue is corroborated across multiple feeds (includ...
Huawei EulerOS: Security Advisory for libgsf (EulerOS-SA-2019-2240)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NASA CFITSIO Buffer Overflow Vulnerability
NASA CFITSIO is a FITS file subroutine library that is primarily used to read and write data files in the FITS Flexible Image Transfer System format. A buffer overflow vulnerability exists in NASA CFITSIO versions prior to 3.43. The vulnerability stems from a networked system or product performin...
DEBIAN-CVE-2019-13147
In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...
AZL-44760 CVE-2019-13147 affecting package audiofile 0.3.6-27
In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...
CVE-2019-13147
In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...
Null pointer dereference
In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...
CVE-2019-13147
In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...
UBUNTU-CVE-2019-13147
In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...
PT-2019-2965 · Unknown +4 · Audio File Library +4
Name of the Vulnerable Software and Affected Versions: Audio File Library versions 0.3.6 Description: The issue is related to a NULL pointer dereference bug in the ulaw2linear buf function in G711.cpp within the libmodules.a library. This bug allows an attacker to cause a denial of service via a...
CVE-2019-13147
In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...