SUSE CVE-2023-45679

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in startdecoder. In that case the function returns early, but some of the pointers in f-commentlist are left initialized and later setupfree is called on these...

CVE-2023-45680

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in startdecoder. In that case the function returns early, the f-commentlist is set to NULL, but f-commentlistlength is not reset. Later in vorbisdeinit it tries to...

CVE-2023-45680

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in startdecoder. In that case the function returns early, the f-commentlist is set to NULL, but f-commentlistlength is not reset. Later in vorbisdeinit it tries to...

PHPCMS V9 WAP module injection vulnerability-vulnerability warning-the black bar safety net

Used to urldecode a variable into the library before there is no effective filter, resulting in the injected generation. Detailed description: ! Vulnerability to prove: File location:/phpcms/modules/wap/index.php Vulnerability function: commentlist Unfiltered parameter:$GET'commentid' Trigger...