16 matches found
BIT-GOLANG-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime
Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU...
CLSA-2026-1777049076 tar: Fix of CVE-2019-9923
CVE-2019-9923: fix possible NULL dereference in pax_decode_header...
CLSA-2026-1777043727 tar: Fix of CVE-2019-9923
CVE-2019-9923: fix possible NULL dereference in pax_decode_header...
EUVD-2026-12958
SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cram_decode_compression_header was missing. If the function returned ...
CVE-2026-31973
SAMtools is a program for reading, manipulating and writing bioinformatics file formats. Starting in version 1.17, in the cram-size command, used to write information about how well CRAM files are compressed, a check to see if the cram_decode_compression_header was missing. If the function returned ...
UBUNTU-CVE-2024-47607
GStreamer is a library for constructing graphs of media-handling components. A stack-buffer overflow has been detected in the gst_opus_dec_parse_header function within gstopusdec.c. The pos array is a stack-allocated buffer of size 64. If n_channels exceeds 64, the for loop will write beyond the...
SUSE CVE-2017-11719
The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file...
SUSE CVE-2018-13301
In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service...
FFmpeg Buffer Error Vulnerability
FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. FFmpeg truemotion1_decode_header suffers from a denial-of-service vulnerability that can be exploited by attackers to cause a denial-of-service attack...
OSV-2021-907 Heap-buffer-overflow in decode_header_value_literal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35675 Crash type: Heap-buffer-overflow READ 1 Crash state: decode_header_value_literal decode_header h2o_hpack_parse_request...
PT-2019-19939 · Gnu +5 · Gnu Tar +5
Name of the Vulnerable Software and Affected Versions: GNU Tar versions prior to 1.32 Description: The issue arises from a NULL pointer dereference in the pax decode header function within sparse.c when parsing certain archives with malformed extended headers. Recommendations: For GNU Tar version...
FFmpeg 'ff_mpeg4_decode_picture_header' function denial of service vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ff_mpeg4_decode_picture_header' function in the libavcodec/mpeg4videodec.c file in FFmpeg. The vulnerability can be exploited to cause a denial of servic...
FFmpeg 'libavcodec/dnxhddec.c' Denial of Service Vulnerability
FFmpeg is a free program that performs recording, transferring and streaming of audio and video in various formats. A security vulnerability in the processing of DNxHD files by the FFmpeg libavcodec/dnxhddec.c/dnxhd_decode_header function allows an attacker to exploit the vulnerability by submittin...
ALPINE-CVE-2017-11719
The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file...
DEBIAN-CVE-2017-11719
The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file...
Low: Red Hat Security Advisory: squirrelmail security and bug fix update
An updated squirrelmail package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...