WinMPG Video Convert 缓冲区错误漏洞

WinMPG Video Convert is a video file format conversion tool developed by the American company WinMPG. Versions of WinMPG Video Convert 9.3.5 and earlier contained a buffer error vulnerability. This vulnerability stemmed from a buffer overflow in the registration dialog box, which could allow loca...

PT-2026-27379

WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specially crafted AVI file with an oversized buffer and load it through the Convert to iPhone function ...

EUVD-2019-19762

WinMPG iPod Convert 3.0 contains a buffer overflow vulnerability in the Register dialog that allows local attackers to crash the application by supplying an oversized payload. Attackers can paste a large string of characters into the User Name and User Code field to trigger a denial of service...

CVE-2019-25484

WinMPG iPod Convert 3.0 contains a buffer overflow vulnerability in the Register dialog that allows local attackers to crash the application by supplying an oversized payload. Attackers can paste a large string of characters into the User Name and User Code field to trigger a denial of service...

CVE-2019-25484

CVE-2019-25484 — WinMPG iPod Convert 3.0 suffers a buffer overflow in the Register dialog. The flaw allows local attackers to crash the application by supplying an oversized payload, e.g., a large string in the User Name and User Code fields, resulting in a denial of service. The issue is localiz...

CVE-2019-25484

WinMPG iPod Convert 3.0 contains a buffer overflow vulnerability in the Register dialog that allows local attackers to crash the application by supplying an oversized payload. Attackers can paste a large string of characters into the User Name and User Code field to trigger a denial of service...

CVE-2019-25484 WinMPG iPod Convert 3.0 Register Field Buffer Overflow DoS

WinMPG iPod Convert 3.0 contains a buffer overflow vulnerability in the Register dialog that allows local attackers to crash the application by supplying an oversized payload. Attackers can paste a large string of characters into the User Name and User Code field to trigger a denial of service...

WinMPG iPod Convert 缓冲区错误漏洞

WinMPG iPod Convert is a video format conversion tool developed by WinMPG Corporation in the United States. Version 3.0 of WinMPG iPod Convert contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the registration dialog box, which could allow local attackers t...

CVE-2026-30982

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccPcsXform::pushXYZConvert causing crash and potentially leaking memory contents. This vulnerability is fixed in 2.3.1.5...

CVE-2026-30982

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccPcsXform::pushXYZConvert causing crash and potentially leaking memory contents. This vulnerability is fixed in 2.3.1.5...

EUVD-2026-10724

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccPcsXform::pushXYZConvert causing crash and potentially leaking memory contents. This vulnerability is fixed in 2.3.1.5...

CVE-2026-30982 iccDEV has a heap out-of-bounds read in CIccPcsXform::pushXYZConvert()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccPcsXform::pushXYZConvert causing crash and potentially leaking memory contents. This vulnerability is fixed in 2.3.1.5...

OSV-2026-344 UNKNOWN READ in void Assimp::Blender::ConvertDispatcher<float>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=488752792 Crash type: UNKNOWN READ Crash state: void Assimp::Blender::ConvertDispatcher void Assimp::Blender::Structure::ReadFieldArray void Assimp::Blender::Structure::Convert...

Novarain/Tassos Framework, , SQL Injection

allow SQL injection and unauthenticated file reads. Attackers can chain these issues for administrator takeover and remote code execution on unpatched systems. Affected extensions include Convert Forms, EngageBox, Google Structured Data, Advanced Custom Fields, and Smile Pack, all relying on the...

php: Single byte overread with convert.quoted-printable-decode filter

A memory-related vulnerability was found in PHP’s filter handling system, particularly when processing input with convert.quoted-printable-decode filters. This issue can lead to a segmentation fault. This vulnerability is triggered through specific sequences of input data, causing PHP to crash...

[SECURITY] Fedora 42 Update: python-wheel-0.45.1-5.fc42

This is a command line tool for manipulating Python wheel files, as defined in PEP 427. It contains the following functionality: - Convert .egg archives into .whl. - Unpack wheel archives. - Repack wheel archives. - Add or remove tags in existing wheel archives...

CVE-2026-22994

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reference count leak in bpfprogtestrunxdp syzbot is reporting unregisternetdevice: waiting for sit0 to become free. Usage count = 2 problem. A debug printk patch found that a refcount is obtained at xdpconvertmdtobuff fr...

MiracleLinux 8 : gstreamer1-plugins-good-1.16.1-5.el8_10 (AXSA:2024-9444:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9444:03 advisory. gstreamer1-plugins-good: uninitialized stack memory in Matroska/WebM demuxer CVE-2024-47540 gstreamer1-plugins-good: OOB-write in isomp4/qtdemux.c...

MiracleLinux 8 : perl-Convert-ASN1-0.27-18.el8 (AXSA:2024-8270:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8270:01 advisory. perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input CVE-2013-7488 Tenable has extracted the preceding description block...

MiracleLinux 8 : python-pillow-5.1.1-16.el8 (AXSA:2021-2760:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2760:01 advisory. python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25288...