Libav Denial of Service Vulnerability (CNVD-2019-23073)

Libav formerly FFmpeg is Libav team's set of cross-platform audio and video can be recorded, converted to a solution, which includes a libavcodec encoder. A denial of service vulnerability exists in the 'ffvc1parseframeheaderadv' function of the vc1.c file in Libav version 12.3, which can be...

JasPer Null Pointer Dereference Vulnerability

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. A null pointer dereference vulnerability exists in the 'rasputdatastd' function in the ras/rasenc.c file in JasPer version 2.0.14, which can be exploited by an attacker to cause a...

skia/android_codec: Use-of-uninitialized-value in swizzle_index_to_n32

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5767443453050880 Project: skia Fuzzer: libFuzzerskiaandroidcodec Fuzz target binary: androidcodec Job Type: libfuzzermsanskia Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...

skia/android_codec: Heap-buffer-overflow in SkGifCodec::haveDecodedRow

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5678720501678080 Project: skia Fuzzer: libFuzzerskiaandroidcodec Fuzz target binary: androidcodec Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Heap-buffer-overflow WRITE 4 Crash Addres...

Vulnerability of the AMediaCodecCryptoInfo_new function in the Android operating system’s framework component, allowing a hacker to execute arbitrary code

The vulnerability of the AMediaCodecCryptoInfonew function in NdkMediaCodec.cpp of the Android operating system’s framework is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code using a...

CVE-2018-9491

In AMediaCodecCryptoInfonew of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions:...

CVE-2018-9491

In AMediaCodecCryptoInfonew of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions:...

Cisco TelePresence Codec Remote Detection

Detects the installed version of Cisco TelePresence Codec. This script sends an HTTP GET request and tries to ensure the presence of Cisco TelePresence Codec. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

CVE-2016-8654

A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected...

Heap overflow

A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected...

CVE-2016-8654

CVE-2016-8654 is a JasPer/JPC-codec vulnerability where a heap-buffer overflow occurs due to an undersized QMFB buffer. It affects Jasper versions before 2.0.0. Remediation is to upgrade Jasper to a fixed version (≥2.0.0); various advisories (CentOS CESA-2017:1208, IBM PowerKVM bulletin, Cloud Fo...

CVE-2016-8654

A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected...

CVE-2018-14589

An issue has been discovered in Bento4 1.5.1-624. AP4Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read...

DEBIAN-CVE-2018-14521

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubiosourceavcodecreadframe in io/sourceavcodec.c, as demonstrated by aubiomfcc...

CVE-2018-14448

Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL pointer dereference via a crafted MP4 file because of improper interaction with libav...

CVE-2018-14448

Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL pointer dereference via a crafted MP4 file because of improper interaction with libav...

Null pointer dereference

Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL pointer dereference via a crafted MP4 file because of improper interaction with libav...

CVE-2018-14448

Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL pointer dereference via a crafted MP4 file because of improper interaction with libav...

CVE-2018-14448

CVE-2018-14448 concerns the Untrunc project: a NULL pointer dereference in Codec::parse (track.cpp) when parsing a crafted MP4 file, caused by improper interaction with libav. This vulnerability affects Untrunc up to 2018-06-07 by design of the parser, and the issue is triggered during MP4 proces...

Teradek Slice 7.3.15 (snapshot.cgi) Stream Disclosure

Summary Built on the award-winning Cube platform, Slice is a rack mount HEVC / H.264 codec designed to fit seamlessly into your broadcast studio. Like the Cube, Slice encoders and decoders includes 3G-SDI and HDMI I/O, Ethernet and WiFi connectivity, and full duplex IFB. Description Slice suffers...