CVE-2022-20228

In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12...

CVE-2021-40941

In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4Array::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service DOS...

CVE-2021-40941

In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4Array::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service DOS...

UBUNTU-CVE-2021-40941

In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4Array::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service DOS...

CVE-2021-40941

The CVE-2021-40941 issue affects Bento4 1.6.0-638, where an allocator memory overrun in AP4_Array::EnsureCapacity (Ap4Array.h:172) can cause a denial of service. This is documented across multiple sources (NVD, CVE listing, OSV, vendor/security notes) and centers on Bento4’s memory allocator fail...

GHSA-JMWX-R3GQ-QQ3P vec-const attempts to construct a Vec from a pointer to a const slice

Affected versions of this crate claimed to construct a const Vec with nonzero length and capacity, but that cannot be done because such a Vec requires a pointer from an allocator. The implementation was later changed to just construct a std::borrow::Cow...

CVE-2022-31285

An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h...

CVE-2022-31285

An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h...

Design/Logic Flaw

An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h...

CVE-2022-31285

An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h...

CVE-2022-31285

An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h...

CVE-2022-31285

Bento4 1.2 contains an out-of-memory allocator bug in /Source/C++/Core/Ap4Array.h. The issue is documented across multiple sources (NVD/Red Hat/OSV/Ubuntu etc.) as a memory allocation vulnerability without explicit exploit details in the provided documents. The Red Hat entry reiterates the same d...

Tuxera NTFS-3G 缓冲区错误漏洞

Tuxera NTFS-3G is an open source, cross-platform set of drivers from Tuxera Finland for reading and writing to NTFS partitions. tuxera NTFS-3G is vulnerable to a buffer overflow vulnerability that originates from a boundary error in ntfsmftrecalloc when handling untrusted input, which can be...

org.jenkins-ci.plugins:android-emulator (>=${revision}651.v471170b_2a_734 <=652.v185536c05086) potentially affected by CVE-2019-10350 via org.jenkins-ci.plugins:port-allocator (=1.10)

org.jenkins-ci.plugins:port-allocator MAVEN version =1.10 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:port-allocator and may be impacted: - org.jenkins-ci.plugins:android-emulator =$revision651.v471170b2a734, =652.v185536c050...

GHSA-5HHG-Q22C-6G39 Jenkins Port Allocator Plugin stores credentials in plain text

Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

Jenkins Port Allocator Plugin stores credentials in plain text

Jenkins Port Allocator Plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

RUSTSEC-2022-0054 wee_alloc is Unmaintained

Two of the maintainers have indicated that the crate may not be maintained. The crate has open issues including memory leaks and may not be suitable for production use. It may be best to switch to the default Rust standard allocator on wasm32 targets. Last release seems to have been three years...

wee_alloc is Unmaintained

Two of the maintainers have indicated that the crate may not be maintained. The crate has open issues including memory leaks and may not be suitable for production use. It may be best to switch to the default Rust standard allocator on wasm32 targets. Last release seems to have been three years...

CVE-2021-27431

ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc local malloc equivalent function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution...

Spock SLAF - A Shared Library Application Firewall "SLAF"

Spock SLAF is a Shared Library Application Firewall "SLAF". It has the purpose to protect any service that uses the OpenSSL library. The SLAF inserts hooking to intercept all communication to detect security anomalies and block and log attacks like buffer overflow, path traversal, XXE and SQL...