3024 matches found
CVE-2022-3965
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smcencodestream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. The attack can be initiated...
CVE-2022-3964
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. It is possible to initiate the attack remotely. The...
UBUNTU-CVE-2022-3965
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smcencodestream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. The attack can be initiated...
CVE-2022-3964
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. It is possible to initiate the attack remotely. The...
MGASA-2022-0420 Updated exiv2 packages fix security vulnerability
Affected is the function QuickTimeVideo::userDataDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to integer overflow. It is possible to launch the attack remotely. CVE-2022-3756...
Updated exiv2 packages fix security vulnerability
Affected is the function QuickTimeVideo::userDataDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to integer overflow. It is possible to launch the attack remotely. CVE-2022-3756...
CVE-2022-3964 ffmpeg QuickTime RPZA Video Encoder rpzaenc.c out-of-bounds
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. It is possible to initiate the attack remotely. The...
FFmpeg 缓冲区错误漏洞
FFmpeg, the FFmpeg team's complete solution for recording, converting, and streaming audio and video, suffers from a security vulnerability stemming from an unknown function in the file ibavcodec/rpzaenc.c of the QuickTime RPZA Video Encoder component, which could be exploited by an attacker to...
CVE-2022-3964
CVE-2022-3964 affects FFmpeg: a flaw in the QuickTime RPZA Video Encoder, specifically in libavcodec/rpzaenc.c where manipulating the argument y_size causes an out‑of‑bounds read. The issue can be triggered remotely. The patch identified is 92f9b28ed84a77138105475beba16c146bdaf984. The vulnerabil...
CVE-2022-3965
FFmpeg CVE-2022-3965 affects the QuickTime Graphics Video Encoder (libavcodec/smcenc.c: smc_encode_stream). Manipulating y_size causes an out-of-bounds read; the attack is described as remote. Patch reference: 13c13109759090b7f7182480d075e13b36ed8edd (VDB-213544) with a remediation recommendation...
CVE-2022-3965
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smcencodestream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. The attack can be initiated...
CVE-2022-3964
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. It is possible to initiate the attack remotely. The...
CVE-2022-3965
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smcencodestream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. The attack can be initiated...
FFmpeg 缓冲区错误漏洞
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg, which originates from an unknown function in the file ibavcodec/rpzaenc.c of the QuickTime RPZA Video Encoder component, which can be exploited by...
CVE-2022-3965 ffmpeg QuickTime Graphics Video Encoder smcenc.c smc_encode_stream out-of-bounds
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smcencodestream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. The attack can be initiated...
CVE-2022-3964
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument ysize leads to out-of-bounds read. It is possible to initiate the attack remotely. The...
CVE-2022-3953
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
OESA-2022-2063 exiv2 security update
Exiv2 is a Cross-platform C++ library and a command line utility to manage image metadata. It provides fast and easy read and write access to the Exif, IPTC and XMP metadata and the ICC Profile embedded within digital images in various formats. Security Fixes: A vulnerability was found in Exiv2. ...
The vulnerability in the `QuickTimeVideo::userDataDecoder` function of the `quicktimevideo.cpp` file in the library and command-line utilities for managing image metadata with the Exiv2 library allows a attacker to perform a denial-of-service attack.
The vulnerability of the QuickTimeVideo::userDataDecoder function in the quicktimevideo.cpp file of the library and the command-line utility for managing image metadata in Exiv2 is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a...
The vulnerability in the `QuickTimeVideo::decodeBlock` function of the `quicktimevideo.cpp` file in the library and command-line utilities for managing image metadata from Exiv2 allows a attacker to perform a denial-of-service attack.
The vulnerability in the QuickTimeVideo::decodeBlock function of the quicktimevideo.cpp file in the library and command-line utilities for managing image metadata in Exiv2 is related to pointer aliasing errors. Exploiting this vulnerability could allow an attacker to trigger a denial-of-service...