
2842 matches found

Positive Technologies
added 2023/08/17 12:0 a.m. · 2 views

PT-2023-26678 · Unknown · Jeecg-Boot

Name of the Vulnerable Software and Affected Versions: Jeecg-boot versions 3.5.0 and earlier. Description: The issue allows a local attacker to cause a denial of service via the functions Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE. This is a result of a SQ...

CVSS 5.5 · AI score 5.7 · EPSS 0.00069
Exploits: 1 · References: 10
OSV
added 2023/08/15 5:15 p.m. · 1 view

DEBIAN-CVE-2023-38852

Buffer Overflow vulnerability in libxls v.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266...

CVSS 6.5 · AI score 7 · EPSS 0.01166
Exploits: 1 · References: 1
SUSE CVE
added 2023/08/15 3:12 a.m. · 1 view

SUSE CVE-2020-36138

An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3 that allows remote attackers to cause a denial of service (DoS)...

CVSS 7.5 · AI score 6.9 · EPSS 0.00352
Exploits: 0 · References: 3
Positive Technologies
added 2023/08/15 12:0 a.m. · 2 views

PT-2023-26633 · Libxls +1 · Libxls +1

Name of the Vulnerable Software and Affected Versions: libxls version 1.6.2. Description: The issue allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266. This can lead to the execution of...

CVSS 6.5 · AI score 6.9 · EPSS 0.01166
Exploits: 1 · References: 18
Huntr
added 2023/08/11 6:44 p.m. · 25 views

Heap-based Buffer Overflow

Description: heap-buffer-overflow p/bf/plugin.c:176 in decode. Environment: radare2 5.8.9 31000 @ linux-x86-64, commit: 95b648f0907e91e10d55fc48147a7dae99029c5b. Build: export CC=gcc CXX=g++ CFLAGS="-fsanitize=address -static-libasan" CXXFLAGS="-fsanitize=address -static-libasan"...

CVSS 7.5 · AI score 6.9 · EPSS 0.00243
Exploits: 1 · References: 1
Prion
added 2023/08/11 2:15 p.m. · 13 views

Design/Logic Flaw

An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3 that allows remote attackers to cause a denial of service (DoS)...

CVSS 5 · AI score 7.3 · EPSS 0.00352
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2023/08/11 2:15 p.m. · 2 views

UBUNTU-CVE-2020-36138

An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3 that allows remote attackers to cause a denial of service (DoS)...

CVSS 7.5 · AI score 5.8 · EPSS 0.00352
Exploits: 0 · References: 5
CNNVD
added 2023/08/11 12:0 a.m. · 2 views

ffjpeg Security Vulnerabilities

ffjpeg is a JPEG encoder/decoder from the Chinese individual developer Kai Chen. A security vulnerability exists in rockcarry ffjpeg version 1.0.0, which originates from a buffer overflow vulnerability in the function jfif_decode. An attacker can exploit this vulnerability to execute arbitrary cod...

CVSS 7.8 · AI score 7.8 · EPSS 0.00044
Exploits: 1 · References: 2
Positive Technologies
added 2023/08/11 12:0 a.m. · 1 view

PT-2023-35948 · Git +1 · Fluent-Bit

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several functions, including reset context and cmt decode...

AI score 6.9
Exploits: 0 · References: 2
Positive Technologies
added 2023/08/11 12:0 a.m. · 3 views

PT-2023-11665 · Rockcarry · Ffjpeg

Name of the Vulnerable Software and Affected Versions: rockcarry ffjpeg versions 1.0.0 and earlier. Description: The issue is related to a Buffer Overflow vulnerability in the jfif_decode function, which allows local attackers to execute arbitrary code due to an issue with ALIGN. This vulnerabilit...

CVSS 7.8 · AI score 7.6 · EPSS 0.00044
Exploits: 1 · References: 6
CNNVD
added 2023/08/11 12:0 a.m. · 1 view

FFmpeg Code Issue Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg version 4.3, which stems from a flaw in the decode_frame function in the libavcodec/tiff.c file. No details of the vulnerability are available at th...

CVSS 7.5 · AI score 6.8 · EPSS 0.00352
Exploits: 0 · References: 4
OSV
added 2023/08/10 7:15 p.m. · 1 view

CVE-2023-32567

Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.236...

CVSS 9.8 · AI score 5.8 · EPSS 0.00145
Exploits: 0 · References: 1
Veracode
added 2023/07/31 7:34 a.m. · 21 views

Improper Neutralization

getkirby/cms is vulnerable to Improper Neutralization. The vulnerability exists in the decode function at Txt.php due to a field injection bug in the content storage implementation which allows an attacker to inject malicious data or code...

CVSS 8.8 · AI score 7.1 · EPSS 0.00093
Exploits: 0 · References: 11 · Affected Software: 1
OSV
added 2023/07/25 7:15 p.m. · 3 views

AZL-34723 CVE-2023-39128 affecting package gdb for versions less than 13.2-3

GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c...

CVSS 5.5 · AI score 6.7 · EPSS 0.00027
Exploits: 1 · References: 1
OSV
added 2023/07/25 7:15 p.m. · 0 views

UBUNTU-CVE-2023-39128

GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c...

CVSS 5.5 · AI score 6.3 · EPSS 0.00027
Exploits: 1 · References: 3
Positive Technologies
added 2023/07/25 12:0 a.m. · 3 views

PT-2023-26794 · Gnu +3 · Gdb +3

Name of the Vulnerable Software and Affected Versions: GNU gdb (GDB) version 13.0.50.20220805-git. Description: A stack overflow issue was discovered in the function ada_decode at /gdb/ada-lang.c. This issue affects the GNU gdb (GDB) debugger. Recommendations: For GNU gdb (GDB) version...

CVSS 6.5 · AI score 5.8 · EPSS 0.00104
Exploits: 2 · References: 29
Positive Technologies
added 2023/07/25 12:0 a.m. · 2 views

PT-2023-3902 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.27.0, Envoy versions prior to 1.26.4, Envoy versions prior to 1.25.9, Envoy versions prior to 1.24.10, Envoy versions prior to 1.23.12. Description: The issue is related to a use-after-free error in the HTTP CORS filter o...

CVSS 7.5 · AI score 7.3 · EPSS 0.00011
Exploits: 1 · References: 11
OSV
added 2023/07/19 5:15 p.m. · 2 views

CVE-2023-37748

ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c...

CVSS 5.5 · AI score 5.8 · EPSS 0.00027
Exploits: 1 · References: 2
ATTACKERKB
added 2023/07/19 5:15 p.m. · 2 views

CVE-2023-37748

ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c...

CVSS 5.5 · AI score 6 · EPSS 0.00027
Exploits: 1 · References: 3
RedHat Linux
added 2023/07/06 2:47 a.m. · 0 views

golang: encoding/pem: fix stack overflow in Decode

A buffer overflow flaw was found in Golang's library encoding/pem. This flaw allows an attacker to use a large PEM input (more than 5 MB), causing a stack overflow in Decode, which leads to a loss of availability...

CVSS 7.5 · AI score 7.3 · EPSS 0.00179
Exploits: 1 · References: 5