UBUNTU-CVE-2019-7574

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c...

ALPINE-CVE-2019-7575

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MSADPCMdecode in audio/SDLwave.c...

CVE-2018-11998

While processing a packet decode request in MQTT, Race condition can occur leading to an out-of-bounds access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660, SnapdragonHighMed2016...

openvswitch: Buffer over-read in lib/ofp-actions.c:decode_bundle()

An issue was discovered in Open vSwitch OvS 2.5.x through 2.5.5, 2.6.x through 2.6.3, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and 2.9.x through 2.9.2 where the decodebundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. A specially craft...

openvswitch: Buffer over-read in lib/ofp-actions.c:decode_bundle()

An issue was discovered in Open vSwitch OvS 2.5.x through 2.5.5, 2.6.x through 2.6.3, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and 2.9.x through 2.9.2 where the decodebundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. A specially craft...

Denial Of Service (DoS)

msgpack is vulnerable to denial of service. The default decode limits is too large, which will allow an attacker to deplete available resource and cause the process to crash...

PT-2019-16621 · Libsixel +1 · Libsixel +1

Name of the Vulnerable Software and Affected Versions: libsixel version 1.8.2 Description: The issue is related to an infinite loop in the sixel decode raw impl function, located in the fromsixel.c file. This has been demonstrated using sixel2png. Recommendations: For libsixel version 1.8.2,...

CVE-2018-20616

ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the okwavdecodemsadpcmdata function in okwav.c...

Google Android Buffer Overflow Vulnerability (CNVD-2019-27578)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An out-of-bounds write vulnerability exists in the 'impdinitdrcdecodepostconfig' function of the impddrcgaindecoder.c file in Android version 9, which stems from a boundary check...

Google Android elevation of privilege vulnerability (CNVD-2018-26777)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the V4L2SliceVideoDecodeAccelerator::Dequeue in the v4l2slicevideodecodeaccelerator.cc file in Android versions 8.1 and 9, which...

CVE-2018-9538

CVE-2018-9538 affects Android (8.1, 9) and relates to V4L2SliceVideoDecodeAccelerator::Dequeue, where an incorrect bounds check enables a possible out-of-bounds read of a function pointer. This could allow local escalation of privilege with no user interaction. The vulnerability is associated wit...

CVE-2018-19761

There is an illegal address access at fromsixel.c function: sixeldecoderawimpl in libsixel 1.8.2 that will cause a denial of service...

Libsixel Illegal Address Access Vulnerability

libsixel is a package that provides encoding/decoding implementations for DEC SIXEL graphics and other converter programs. An illegal address access vulnerability exists in the 'sixeldecoderawimpl' function of the fromsixel.c file in libsixel version 1.8.2, which can be exploited by an attacker t...

FreeRDP Out-of-Bounds Write Vulnerability

FreeRDP is a free, open source implementation of the Remote Desktop Protocol RDP developed by the FreeRDP team. An out-of-bounds write vulnerability in the 'nscrledecode' function in versions prior to FreeRDP 2.0.0-rc4 can be exploited by a remote attacker to cause a denial of service memory...

PT-2018-15076 · Libsixel +1 · Libsixel +1

Name of the Vulnerable Software and Affected Versions: libsixel version 1.8.2 Description: The issue is related to an illegal address access in the sixel decode raw impl function within the fromsixel.c file of libsixel. This will cause a denial of service. Recommendations: For libsixel version...

DEBIAN-CVE-2018-8788

FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nscrledecode that results in a memory corruption and possibly even a remote code execution...

UBUNTU-CVE-2018-19542

An issue was discovered in JasPer 2.0.14. There is a NULL pointer dereference in the function jp2decode in libjasper/jp2/jp2dec.c, leading to a denial of service...

CVE-2018-19530

HTTL aka Hyper-Text Template Language through 1.0.11 allows remote command execution because the decodeXml function uses XStream unsafely when configured with an xml.codec=httl.spi.codecs.XstreamCodec setting...

PT-2018-3818 · Audiocoding +2 · Faad2 +2

Name of the Vulnerable Software and Affected Versions: Freeware Advanced Audio Decoder 2 FAAD2 versions 2.8.8 Description: The issue is related to a buffer over-read in the ps mix phase function of the libfaad/ps dec.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder. This i...

CVE-2018-9527

In vorbisbookdecodevset of codebook.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1...