1204 matches found
UBUNTU-CVE-2018-13303
In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8 in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...
VLC media player 2.2.8 - Arbitrary Code Execution (PoC)
Exploit Title: VLC media player 2.2.8 - Arbitrary Code Execution PoC; Date: 2018-06-06; Exploit Author: Eugene Ng; Vendor Homepage: https://www.videolan.org/vlc/index.html; Software Link:...
bits-pilani.ac.in XSS vulnerability
Open Bug Bounty ID: OBB-633241; Affected Website: bits-pilani.ac.in; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
CVE-2018-12459
An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service...
DEBIAN-CVE-2018-12459
An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service...
SUSE SLES11 Security Update : libvirt (SUSE-SU-2018:1475-1) (Spectre)
This update for libvirt fixes the following issues: - CVE-2018-3639: cpu: Added support for 'ssbd' and 'virt-ssbd' CPUID feature bits pass through.
SUSE-SU-2018:1475-1 Security update for libvirt
This update for libvirt fixes the following issues: - CVE-2018-3639: cpu: Added support for 'ssbd' and 'virt-ssbd' CPUID feature bits pass through...
MS10-008: Cumulative Security Update of ActiveX Kill Bits
Resolves a vulnerability that is currently being exploited in Microsoft Video ActiveX Control that could allow remote code execution if a user views a specially crafted Web page with Internet Explorer, instantiating the ActiveX control. INTRODUCTION: Microsoft has released security bulletin MS10-008...
Microsoft Windows Kernel (Windows 7 x86) - Local Privilege Escalation (MS17-017) Exploit
Exploit for Windows platform in category local exploits...
glibc security, bug fix, and enhancement update
2.17-222 - Restore internal GLIBC_PRIVATE symbols for use during upgrades (1523119); 2.17-221 - CVE-2018-1000001: Fix realpath buffer underflow (1534635) - i386: Fix unwinding for 32-bit C++ application (1529982) - Reduce thread and dynamic loader stack usage (1527904) - x86-64: Use XSAVE/XSAVEC more often...
tcpdump: Heap buffer overflow in the EXTRACT_16BITS function
tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. The crash occurs in the EXTRACT_16BITS function, called from the stp_print function for the Spanning Tree Protocol...
Hash Collision
Bouncy Castle is vulnerable to hash collision attacks. The library's keystore files use an HMAC hash that is only 16 bits long, allowing a malicious user to retrieve the password used for keystore integrity verification checks. This vulnerability only affects users of the BKS-V1 keystore format,...
CVE-2018-7639
An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "16 bits colors" case, aka case 16...
CVE-2018-7641
An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "32 bits colors" case, aka case 32...
CVE-2018-7639
CVE-2018-7639 affects CImg v.220 and is a heap-based buffer over-read in load_bmp in CImg.h when loading a crafted BMP image in the 16-colors case (case 16). The issue is triggered by parsing a BMP header/image data and can lead to an out-of-bounds read. NVD metrics indicate a high severity for C...