6117 matches found
ALPINE-CVE-2019-6250
A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated attacker to overwrite an arbitrary amount of bytes beyond the bounds of a buffer, which can be leverag...
Apache Tomcat 7.0.28 < 7.0.88
The version of Tomcat installed on the remote host is prior to 7.0.88. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_7.0.88_security-7 advisory. - An improper handling of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop...
Traccar Server Cross-Site Scripting Vulnerability
Traccar Server is an open source GPS tracking system. A cross-site scripting vulnerability exists in the protocol/SpotProtocolDecoder.java file in Traccar Server version 4.2, which can be exploited by a remote attacker to inject arbitrary Web script or HTML...
haproxy: Out-of-bounds read in HPACK decoder
A flaw was discovered in the HPACK decoder of haproxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service...
CVE-2019-5748
In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks...
CVE-2018-1000877
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS. Thi...
PT-2019-4614 · FFmpeg
Name of the Vulnerable Software and Affected Versions: FFmpeg versions 3.2 through 4.1. Description: The issue is related to a denial of service in the subtitle decoder, allowing attackers to consume excessive CPU resources via a crafted video file in Matroska format. This is due to the ff...
ok-file-formats buffer overflow vulnerability
ok-file-formats is a decoder for files in PNG, JPEG and WAV formats. A buffer overflow vulnerability exists in the 'ok_wav_decode_ms_adpcm_data' function of the ok_wav.c file in versions 2018-10-16 and earlier. An attacker could exploit this vulnerability to execute code or cause a deni...
ok-file-formats buffer overflow vulnerability (CNVD-2019-00836)
ok-file-formats is a decoder for files in PNG, JPEG and WAV formats. A buffer overflow vulnerability exists in the 'ok_csv_decode2' function of the ok_csv.c file in versions 2018-10-16 and earlier. An attacker can exploit this vulnerability to execute arbitrary code or cause a denial...
Information Disclosure
rails-session-decoder is vulnerable to information disclosure. A lack of verification of the Message Authentication Code that is appended to the cookies could allow an attacker to decrypt encrypted data containing confidential information...
Debian: Security Advisory (DLA-1612-1)
The remote host is missing an update for the Debian...
Sensitive Data Exposure
Overview: All versions of rails-session-decoder are missing verification of the Message Authentication Code appended to the cookies. This may lead to decryption of cipher text thus exposing encrypted information. Recommendation: No fix is currently available. Consider using an alternative module...
Denial of Service Vulnerability in Freeware Advanced Audio Decoder 2 (CNVD-2019-01362)
Freeware Advanced Audio Decoder 2 is an advanced audio encoder. A denial of service vulnerability exists in Freeware Advanced Audio Decoder 2 (FAAD2) in version v2.8.8, which can be exploited to cause a denial of service with the help of a specially crafted acc file...
Denial of Service Vulnerability in Freeware Advanced Audio Decoder 2
Freeware Advanced Audio Decoder 2 is an advanced audio encoder. A denial of service vulnerability exists in Freeware Advanced Audio Decoder 2 (FAAD2) in version v2.8.8, which can be exploited by attackers to cause a denial of service...
The vulnerability of the CAacDecoder_Init function in the Android operating system allows a hacker to execute arbitrary code.
The vulnerability of the CAacDecoder_Init function (aacdecoder.cpp) in the Android operating system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
FAAD2 Invalid Memory Address Dereference Vulnerability (CNVD-2019-07895)
Freeware Advanced Audio Decoder 2 (FAAD2) is an open source MPEG-4 and MPEG-2 AAC decoder licensed under the GPLv2 license. An invalid memory address dereference vulnerability in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8 can be exploited by an...
FAAD2 Invalid Memory Address Dereference Vulnerability
Freeware Advanced Audio Decoder 2 (FAAD2) is an open source MPEG-4 and MPEG-2 AAC decoder licensed under the GPLv2 license. An invalid memory address dereference vulnerability in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8 can be exploited by ...
FAAD2 Invalid Memory Address Dereference Vulnerability (CNVD-2019-07894)
Freeware Advanced Audio Decoder 2 (FAAD2) is an open source MPEG-4 and MPEG-2 AAC decoder licensed under the GPLv2 license. An invalid memory address dereference vulnerability in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8 can be exploite...
FAAD2 Null Pointer Dereference Vulnerability (CNVD-2019-07896)
Freeware Advanced Audio Decoder 2 (FAAD2) is an open source MPEG-4 and MPEG-2 AAC decoder licensed under the GPLv2 license. A null pointer dereference vulnerability in sbr_process_channel in libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8 can be exploited by an attacker to cause a...
FAAD2 Invalid Memory Address Dereference Vulnerability (CNVD-2019-07892)
Freeware Advanced Audio Decoder 2 (FAAD2) is an open source MPEG-4 and MPEG-2 AAC decoder licensed under the GPLv2 license. An invalid memory address dereference vulnerability in the hf_assembly function of libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8 can be exploited by an...