GPAC 代码问题漏洞

GPAC is an open source multimedia framework. GPAC suffers from a denial-of-service vulnerability that stems from the presence of a null pointer dereference in the program. An attacker could exploit this vulnerability to cause the program to crash...

DEBIAN-CVE-2021-3941

In ImfChromaticities.cpp routine RGBtoXYZ, there are some division operations such as float Z = 1 - chroma.white.x - chroma.white.y Y / chroma.white.y; and chroma.green.y X + Z / d; but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition whi...

Tenda AC10-1200 Buffer Overflow Vulnerability (CNVD-2022-38544)

Tenda AC10-1200 is a wireless router from Tenda China.A buffer error vulnerability exists in the Tenda AC10-1200, which stems from a failure to properly validate data boundaries when performing operations on memory in the setSmartPowerManagement function. An attacker could exploit this...

Tenda AC10-1200 Buffer Overflow Vulnerability

Tenda AC10-1200 is a wireless router from Tenda, China. tenda AC10-1200 suffers from a buffer error vulnerability that stems from the list parameter in the fromSetIpMacBind function that does not properly validate data boundaries when performing operations on memory. An attacker could exploit thi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux kernel blockinvalidatepage function, which can be exploited by an attacker to cause a program to crash...

Two actively exploited Zero-Day vulnerabilities discovered in Mozilla Firefox

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Two critical zero-day vulnerabilities have been identified in Mozilla Firefox that are being exploited in-the-wild and tracked as CVE-2022-26485 and CVE-2022-26485. Both are use-after-free bugs that exist in XSLT parameter...

CVE-2022-23319

A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...

CVE-2022-23319

A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...

Design/Logic Flaw

A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...

CVE-2022-23319

A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...

ffjpeg Denial of Service Vulnerability (CNVD-2022-12798)

ffjpeg is a JPEG encoder/decoder by the individual developer Kai Chen in China. A rejection vulnerability exists in ffjpeg, which originates when the size information in the metadata of a bmp is out of range, it returns without allocating a memory buffer to pb-pdata and without exiting the progra...

CVE-2021-45385

A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 2021-12-06 in bmpload. When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to pb-pdata and did not exit the program. So the program crashes when it tries to access the pb-data, i...

CVE-2021-45385

A Null Pointer Dereference vulnerability exits in ffjpeg d5cfd49 2021-12-06 in bmpload. When the size information in metadata of the bmp is out of range, it returns without assign memory buffer to pb-pdata and did not exit the program. So the program crashes when it tries to access the pb-data, i...

MariaDB Denial of Service Vulnerability (CNVD-2022-65012)

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. MariaDB suffers from a denial of service vulnerability that stems from a shaping error in the product sqllex.cc file. An attacker could exploit the...

CVE-2020-26208

JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...

CVE-2020-26208

JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...

CVE-2020-26208 Heap-buffer-overflow in jhead

JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting i...

MariaDB 代码问题漏洞

MariaDB is a free and open source database management system from the MariaDB Foundation and a forked version of MySQL with the Maria storage engine. MariaDB suffers from a denial of service vulnerability that stems from the product sqlparse.cc file not effectively handling usedtables exceptions...

CVE-2021-46238

GPAC v1.1.0 was discovered to contain a stack overflow via the function gfnodegetname at scenegraph/basescenegraph.c. This vulnerability can lead to a program crash, causing a Denial of Service DoS...

CVE-2021-46238

GPAC v1.1.0 was discovered to contain a stack overflow via the function gfnodegetname at scenegraph/basescenegraph.c. This vulnerability can lead to a program crash, causing a Denial of Service DoS...