UBUNTU-CVE-2023-1450

A vulnerability was found in MP4v2 2.1.2 and classified as problematic. This issue affects the function DumpTrack of the file mp4trackdump.cpp. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The...

SUSE CVE-2017-6829

The decodeSample function in IMA.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...

SUSE CVE-2017-6830

Heap-based buffer overflow in the alaw2linearbuf function in G711.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...

SUSE CVE-2017-6831

Heap-based buffer overflow in the decodeBlockWAVE function in IMA.cpp in Audio File Library aka audiofile 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0 and 0.2.7 allows remote attackers to cause a denial of service crash via a crafted file...

SUSE CVE-2017-6833

The runPull function in libaudiofile/modules/BlockCodec.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service divide-by-zero error and crash via a crafted file...

SUSE CVE-2017-6837

WAVE.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via vectors related to a large number of coefficients...

SUSE CVE-2017-6838

Integer overflow in sfcommands/sfconvert.c in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...

SUSE CVE-2017-6839

Integer overflow in modules/MSADPCM.cpp in Audio File Library aka audiofile 0.3.6 allows remote attackers to cause a denial of service crash via a crafted file...

SUSE CVE-2017-8392

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to an invalid read of size 8 because of missing a check to determine whether symbols are NULL in the bfddwarf2findnearestline function. This vulnerability causes programs that conduct an analysis...

SUSE CVE-2017-11423

The cabdreadstring function in mspack/cabd.c in libmspack 0.5alpha, as used in ClamAV 0.99.2 and other products, allows remote attackers to cause a denial of service stack-based buffer over-read and application crash via a crafted CAB file...

SUSE CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

SUSE CVE-2019-13147

In Audio File Library aka audiofile 0.3.6, there exists one NULL pointer dereference bug in ulaw2linearbuf in G711.cpp in libmodules.a that allows an attacker to cause a denial of service via a crafted file...

PT-2022-24201 · Axiomatic · Bento4

Name of the Vulnerable Software and Affected Versions: Axiomatic Bento4 affected versions not specified Description: A problematic issue has been found, affecting the AP4 File::AP4 File function of the Mp42Hevc.cpp file in the mp42hevc component. This issue leads to denial of service and can be...

LibTIFF 安全漏洞

LibTIFF is a library for reading and writing TIFF Tagged Image File Format files. The library contains a number of command-line tools for working with TIFF files.A security vulnerability exists in LibTIFF, which stems from a heap buffer overflow flaw found in the TIFFReadRawDataStriped function o...

USN-5432-2: libpng vulnerabilities

USN-5432-1 fixed vulnerabilities in libpng. This update provides the corresponding updates for libpng1.6. Original advisory details: It was discovered that libpng incorrectly handled memory when parsing certain PNG files. If a user or automated system were tricked into opening a specially crafted...

EUVD-2017-15881

Heap-based buffer overflow in the MSADPCM::initializeCoefficients function in MSADPCM.cpp in audiofile aka libaudiofile and Audio File Library 0.3.6 allows remote attackers to have unspecified impact via a crafted audio file...

Showdoc 2.10.3 - Stored Cross-Site Scripting Vulnerability

Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...

Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)

Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...

Information Exposure

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Information Exposure due to improper handling of HTTP headers in filelib.php. An attacker can access sensitive information by intercepting requests to a caching proxy server that has previously...

stb 安全漏洞

stb is a single-file public domain library for C/C ++. A security vulnerability exists in stb version v2.27, which stems from the inclusion of an integer shift of invalid size in the component stbijpegdecodeblockprogac...