The vulnerability of the decoder for the MPEG-4 multimedia platform GPAC’s decoding function allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the CSGP decoder for MPEG-4 multimedia platform GPAC is related to the lack of verification for the result of arithmetic operations. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failure...

The vulnerability of the stszin function in the mp4read.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the stszin function in the mp4read.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...

The vulnerability of the sbr_qmf_synthesis_64 function in the sbr_qmf.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to gain access to confidential data, compromise its integrity, and cause service failure.

The vulnerability of the sbrqmfsynthesis64 function in the sbrqmf.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder is related to buffer-overflow situations. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and...

The vulnerability of the get_sample() function in the output.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to trigger a service failure.

The vulnerability of the getsample function in the output.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause a service failure...

The vulnerability of the decoder in the MPEG-4 multimedia platform GPAC function decoder allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the CO64 decoder for the MPEG-4 multimedia platform GPAC is related to incorrect checking of the result of an arithmetic operation. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

Google Android 代码问题漏洞

Google Android is a Linux-based open source operating system from Google, Inc. A denial-of-service vulnerability exists in Google Android, which stems from a possible crash in the re-initialization of HeifDecoderImpl.cpp due to a missing null check. A remote attacker could exploit the vulnerabili...

The vulnerability of the PCRB decoder in the MPEG-4 multimedia platform GPAC’s decoding function allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the PCRB decoder for MPEG-4 multimedia platform GPAC is related to the lack of verification for the result of arithmetic operations. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failure...

The vulnerability of the stb_image.h component in the SIXEL Libsixel encoder/decoder implementation allows a malicious actor to cause a service failure.

The vulnerability of the stbimage.h component in the SIXEL Libsixel encoder/decoder implementation is related to reading data from buffers beyond their acceptable limits. Exploiting this vulnerability allows a malicious actor to cause service failures using a specially created PSD file...

The vulnerability of the ftypin function in the mp4read.c component of the Freeware Advanced Audio Decoder 2 (FAAD2) allows a hacker to gain access to confidential data, compromise its integrity, and cause service failure.

The vulnerability of the ftypin function in the mp4read.c component of the Freeware Advanced Audio Decoder 2 FAAD2 audio decoder is related to buffer overflow attacks. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...

[SECURITY] [DSA 5109-1] faad2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5109-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 27, 2022 https://www.debian.org/security/faq -...

[SECURITY] Fedora 36 Update: python-ujson-5.1.0-1.fc36

UltraJSON is an ultra fast JSON encoder and decoder written in pure C with bindings for Python...

netty-codec: Bzip2Decoder doesn't allow setting size restrictions for decompressed data

A flaw was found in Netty's netty-codec due to size restrictions for decompressed data in the Bzip2Decoder. By sending a specially-crafted input, a remote attacker could cause a denial of service...

netty-codec: SnappyFrameDecoder doesn't restrict chunk length and may buffer skippable chunks in an unnecessary way

A flaw was found in the Netty's netty-codec due to unrestricted chunk lengths in the SnappyFrameDecoder. By sending a specially-crafted input, a remote attacker could cause excessive memory usage resulting in a denial of service...

Infinite loop in Pillow

JpegImagePlugin may append an EOF marker to the end of a truncated file, so that the last segment of the data will still be processed by the decoder. If the EOF marker is not detected as such however, this could lead to an infinite loop where JpegImagePlugin keeps trying to end the file...

CVE-2022-20048

In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917502; Issue ID: ALPS05917502...

CVE-2022-20047

In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489...

CVE-2022-20048

In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917502; Issue ID: ALPS05917502...

CVE-2022-20047

In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489...

CVE-2022-20047

In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489...

CVE-2022-20048

In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917502; Issue ID: ALPS05917502...