Libav Denial of Service Vulnerability (CNVD-2018-07428)

Libav is an open source audio and video processing tools , providing for conversion , manipulation and streaming of various multimedia formats and protocols cross-platform tools and libraries . A denial of service vulnerability exists in the applydependentcoupling function in libavcodec/aacdec.c ...

UBUNTU-CVE-2017-18242

The applydependentcoupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted aac file...

Unspecified Vulnerability in inversoft prime-jwt

inversoft prime-jwt is an open source Java 8-based JWT library . A security vulnerability exists in JWTDecoder.decode in versions prior to inversoft prime-jwt 1.3.0 and commit 0d94dcef0133d699f21d217e922564adbb83a227. No details of the vulnerability are provided at this time...

UBUNTU-CVE-2018-8102

The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service buffer over-read and application crash via a specific pdf file, as demonstrated by pdftohtml...

Underbit libmad Denial of Service Vulnerability

Underbit libmad is an open source MPEG audio decoding library that provides 24-bit PCM output for platforms without floating point support. A security vulnerability exists in the 'maddecoderrun' function of the decoder.c file in Underbit libmad 0.15.1b and earlier versions. A remote attacker can...

Vulnerability of the `ihevcd_allocate_static_bufs` and `ihevcd_create` functions in the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the ihevcdallocatestaticbufs and ihevcdcreate/media/libstagefright/codecs/hevcdec/SoftHEVC.cpp functions in the Android operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code within...

The vulnerability of the initDecoder function in the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the initDecoder function /media/libstagefright/codecs/hevcdec/SoftHEVC.cpp in the Android operating system is related to writing data beyond the buffer into memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code within the context of a...

CVE-2017-17135

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

openSUSE Security Update : lame (openSUSE-2018-214)

This update for lame fixes the following issues : Lame was updated to version 3.100 : - Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection - New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the u...

CVE-2018-4892

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JBIG2 decoder. The vulnerability is triggered by a crafted PDF...

CVE-2018-4892

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JBIG2 decoder. The vulnerability is triggered by a crafted PDF...

Design/Logic Flaw

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JBIG2 decoder. The vulnerability is triggered by a crafted PDF...

CVE-2018-4892

CVE-2018-4892 affects Adobe Acrobat Reader versions up to 2018.009.20050, 2017.011.30070, and 2015.006.30394 and earlier. It is a use-after-free in the JBIG2 decoder triggered by a crafted PDF with a malformed JBIG2 stream, leading to arbitrary code execution. Connected records confirm the affect...

CVE-2018-4892

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JBIG2 decoder. The vulnerability is triggered by a crafted PDF...

Security update for lame (important)

This update for lame fixes the following issues: Lame was updated to version 3.100: Improved detection of MPEG audio data in RIFF WAVE files. sf3545112 Invalid sampling detection New switch --gain decibel, range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the...

Multiple Adobe Products JBIG2 Decoder Memory Misreference Vulnerability

Acrobat DC Continuous Track and so on are the United States of America Ordoby Adobe company's products. Acrobat DC Continuous Track is a desktop version of the continuous update of the PDF solution. Reader DC Continuous Track is a continuous update of the version of the PDF reading tool. JBIG2...

The vulnerability of the Media Framework component of the Android operating system, which allows for the disclosure of protected information

The vulnerability of the Media Framework component decoder/impeg2ddechdr.c in the Android operating system is related to resource management errors. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information that is protected by the system...

Google Android ihevcd_ctb_boundary_strength_pbslice Absolute Service Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. libhevc is one of the hevc decoding libraries. A denial of service vulnerability exists in ihevcdctbboundarystrengthpbslice of libhevc in Android. A remote attacker can exploit thi...

DEBIAN-CVE-2018-5996

Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote attackers to cause a denial of service segmentation fault or execute arbitrary code via a crafted RAR archive...

7-Zip and p7zip heap buffer overflow vulnerability

7-Zip is a free, open source compression/decompression software. p7zip is its version for Linux-based platforms. A heap buffer overflow vulnerability exists in the NCompress::NShrink::CDecoder::CodeReal method in versions prior to 7-Zip 18.00 and p7zip. A remote attacker can exploit this...