CVE-2024-41200

A segmentation fault in KMPlayer v4.2.2.65 allows attackers to cause a Denial of Service DoS via a crafted AVI file...

Amazon Linux 2 : yasm (ALASGRAPHICSMAGICK1.3-2023-002)

The version of yasm installed on the remote host is prior to 1.2.0-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2GRAPHICSMAGICK1.3-2023-002 advisory. Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the...

SUSE CVE-2017-5852

The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service infinite loop via a crafted file...

CVE-2021-40607

The schmboxsize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command...

CVE-2021-40606

The gfbswritedata function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command...

CVE-2021-26948

Null pointer dereference in the htmldoc v1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service via a crafted html file...

CVE-2021-36417

A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gfisomdoviconfigget function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file...

Design/Logic Flaw

An out-of-bounds access in GffLine::GffLine in gff.cpp in GCLib 0.12.7 allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted GFF file...

CVE-2021-38108

Word97Import200.dll in Corel WordPerfect 2020 20.0.0.200 is affected by an Out-of-bounds Read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to access unauthorized system memory in the context of the current user. Exploitation of this issu...

CVE-2020-18776

In Libav 12.3, there is a segmentation fault in vc1decodebmbintfr in vc1block.c that allows an attacker to cause denial-of-service via a crafted file...

CVE-2020-22352

The gfdashsegmenterprobeinput function in GPAC v0.8 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

CVE-2021-31262

The AV1DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

CVE-2018-19607

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted file...

CVE-2017-15764

IrfanView 4.50 - 64bit with BabaCAD4Image plugin version 1.3 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .dwg file, related to a "Read Access Violation starting at BabaCAD4Image!ShowPlugInOptions+0x000000000001e6b0."...

CVE-2017-15739

IrfanView 4.50 - 64bit with CADImage plugin version 12.0.0.5 allows attackers to execute arbitrary code or cause a denial of service via a crafted .dwg file, related to "Data from Faulting Address controls subsequent Write Address starting at CADIMAGE+0x00000000000042d5."...

CVE-2017-14684

In ImageMagick 7.0.7-4 Q16, a memory leak vulnerability was found in the function ReadVIPSImage in coders/vips.c, which allows attackers to cause a denial of service memory consumption in ResizeMagickMemory in MagickCore/memory.c via a crafted file...

CVE-2017-13059

In ImageMagick 7.0.6-6, a memory leak vulnerability was found in the function WriteOneJNGImage in coders/png.c, which allows attackers to cause a denial of service WriteJNGImage memory consumption via a crafted file...

CVE-2017-11532

When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteMPCImage function in coders/mpc.c...

CVE-2017-11099

When SWFTools 0.9.2 processes a crafted file in wav2swf, it can lead to a Segmentation Violation in the wavconvert2mono function in lib/wav.c...

CVE-2017-9847

The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file...