PT-2023-3757 · Mp4V2 · Mp4V2

Name of the Vulnerable Software and Affected Versions: mp4v2 version 2.1.3 Description: The issue is related to a memory leak in the MP4SdpAtom::Read function of the atom sdp.cpp component in the mp4v2 library, which is used for creating, modifying, and reading MP4 files. Exploitation of this iss...

PT-2023-5283 · Libeconf +3 · Libeconf +3

Name of the Vulnerable Software and Affected Versions: libeconf version 0.5.1 Description: The issue is related to a stack overflow vulnerability in the read file function of the libeconf library, which can be exploited by a remote attacker to cause a denial of service or execute arbitrary code...

PT-2023-4730 · Lg · Lg Simple Editor

Name of the Vulnerable Software and Affected Versions: LG Simple Editor affected versions not specified Description: The issue is related to the readVideoInfo method of LG Simple Editor, which lacks proper validation of user-supplied strings before executing system calls. This allows remote...

PT-2021-7607 · Unknown +1 · Cgal Libcgal +1

Name of the Vulnerable Software and Affected Versions: CGAL libcgal version 5.1.1 Description: Multiple code execution vulnerabilities exist in the Nef polygon-parsing functionality. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code...

PT-2021-7597 · Unknown +1 · Cgal Libcgal +1

Name of the Vulnerable Software and Affected Versions: CGAL libcgal version 5.1.1 Description: The issue is related to multiple code execution vulnerabilities in the Nef polygon-parsing functionality. A specially crafted malformed file can lead to an out-of-bounds read and type confusion,...

PT-2021-7590 · Unknown +1 · Cgal Libcgal +1

Name of the Vulnerable Software and Affected Versions: CGAL libcgal version 5.1.1 Description: The issue is related to multiple code execution vulnerabilities in the Nef polygon-parsing functionality of CGAL libcgal. A specially crafted malformed file can lead to an out-of-bounds read and type...

PT-2021-10978 · Speex +8 · Speex +8

Name of the Vulnerable Software and Affected Versions: Speex version 1.2 Description: A Divide by Zero vulnerability in the function read samples of Speex allows attackers to cause a denial of service DoS via a crafted WAV file. Recommendations: For Speex version 1.2, as a temporary workaround,...

PT-2020-2816 · Videolabs +1 · Libmicrodns +1

Name of the Vulnerable Software and Affected Versions: Videolabs libmicrodns version 0.1.0 Description: An exploitable denial-of-service issue exists in the resource allocation handling of Videolabs libmicrodns. When encountering errors while parsing mDNS messages, some allocated data is not free...

PT-2018-18614 · Libyal +1 · Libevt +1

Name of the Vulnerable Software and Affected Versions: libevt versions prior to 2018-03-17 Description: The issue concerns the libevt record values read event function in libevt record values.c, which does not properly check for out-of-bounds values of user SID data size, strings size, or data...

PT-2017-4104 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.6-6 Description: A memory exhaustion issue was found in the ReadTIFFImage function, allowing attackers to cause a denial of service. The vulnerability is related to an error in the resource control mechanism, which can...

Code injection

Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers...