The vulnerability of the mobile application MSM for the Android operating system allows a hacker to trigger a device restart.

The vulnerability of the MSM mobile application for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to trigger a device reboot after a kernel failure. This occurs because when the object associated with the codec is...

Vulnerability in the Android operating system’s media framework (H263 decoder), allowing a perpetrator to execute arbitrary code

The vulnerability in the Android operating system’s media framework H263 decoder is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Google Android Media framework (libavc) Denial of Service Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. media framework libavc is one of the frameworks used for multimedia development. A denial of service vulnerability exists in Media framework libavc in Android. A remote attacker ca...

CVE-2016-5862

When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs...

Opencv Integer Overflow Vulnerability

OpenCV is an open source, cross-platform, lightweight computer vision library. An integer overflow vulnerability exists in the 'ReadNumber' function of the opencv/modules/imgcodecs/src/grfmtpxm.cpp file in OpenCV 3.3 and earlier versions, which stems from the program's failure to detect the lengt...

CVE-2017-12864

In opencv/modules/imgcodecs/src/grfmtpxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier...

Android Media framework avc decoder remote code execution vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA, and Media framework avc decoder is one of the avc decoders used for multimedia development. A remote code execution vulnerability exists in the Media framework avc decoder in...

libjpeg-turbo 1.5.1 - Denial of Service Vulnerability

Exploit for linux platform in category dos / poc libjpeg-turbo denial of service vulnerability ====================== Author : qflb.wu CVE : CVE-2017-9614 ====================== Introduction: ============= libjpeg-turbo is a JPEG image codec that uses SIMD instructions MMX, SSE2, AVX2, NEON,...

Vulnerability warning | FFmpeg aeration arbitrary file read vulnerability-vulnerability warning-the black bar safety net

Recently a white hat in the HackerOne platform reported by ffmpeg vulnerability using ffmpeg HLS playlist processing way, can lead to local file exposure. Vulnerability description 6 on 24 May, the HackerOne platform named neex the white hat for the Russian social networking site VK. com reported...

The vulnerability of the Session Initiation Protocol (SIP) microprogramming software for Cisco TelePresence Codec Software and Cisco Collaboration Endpoint (CE) Software allows attackers to manipulate the accessibility of services and information, thereby causing service failures.

The vulnerability of the Session Initiation Protocol SIP microprogramming software for Cisco TelePresence Codec Software and Cisco Collaboration Endpoint CE Software is related to resource management errors. Exploiting this vulnerability allows a malicious actor to manipulate service availability...

CVE-2016-10363

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...

Design/Logic Flaw

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...

CVE-2016-10363

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...

CVE-2016-10363

Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and ca...

LG MRA58K - Out-of-Bounds Heap Read in CAVIFileParser::Destroy Resulting in Invalid Free

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1221 Similar to the previously reported issue 1206 , when parsing AVI files the CAVIFileParser object contains a fixed-size array of what appears to be pointer/length pairs, used I suppose to store the data for each stream. This is...

CVE-2017-6648

A vulnerability in the Session Initiation Protocol SIP of the Cisco TelePresence Codec TC and Collaboration Endpoint CE Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service DoS condition. The vulnerabili...

CVE-2017-6648

CVE-2017-6648 affects Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) software. An unauthenticated remote attacker can exploit a lack of flow-control in SIP to flood the device with SIP INVITE packets, causing the TelePresence endpoint to reload and suffer a DoS. Affected platforms ...

Cisco TelePresence Endpoint Denial of Service Vulnerability

Cisco TelePresence is a Cisco TelePresence solution. A security vulnerability in the session initialization protocol of the Cisco TelePresence Codec TC and Collaboration Endpoint CE software can be exploited by an attacker to cause an unintended reload of an affected endpoint, resulting in a deni...

Google Pixel Qualcomm Sound Codec Driver Elevation of Privilege Vulnerability

Google Pixel is a smartphone from the American company Google Google. An elevation of privilege vulnerability exists in the Google Pixel Qualcomm Sound Codec Driver. An attacker can exploit the vulnerability to execute arbitrary code using elevated kernel privileges...

Google Android Qualcomm Sound Codec Driver Information Disclosure Vulnerability

Google Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. Google Android suffers from an information disclosure vulnerability. Attackers can use this vulnerability to obtain sensitive information and launch further attacks...