OSV-2023-920 Security exception in com.github.javaparser.GeneratedJavaParser.Expression

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62731 Crash type: Security exception Crash state: com.github.javaparser.GeneratedJavaParser.Expression java.base/sun.nio.cs.CESU8$Encoder.to3Bytes java.base/sun.nio.cs.CESU8$Encoder.encodeArrayLoop...

Google Chrome VideoEncoder av1_svc_check_reset_layer_rc_flag use-after-free vulnerability

Talos Vulnerability Report TALOS-2023-1751 Google Chrome VideoEncoder av1svccheckresetlayerrcflag use-after-free vulnerability September 25, 2023 CVE Number CVE-2023-3421 SUMMARY A use-after-free vulnerability exists in the VideoEncoder av1svccheckresetlayerrcflag functionality of Google Chrome...

CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

GHSA-J646-GJ5P-P45G CefSharp affected by heap buffer overflow in WebP

Google is aware that an exploit for CVE-2023-4863 exists in the wild. Description Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical References -...

The vulnerability of the Adobe Media Encoder application, related to the execution of operations beyond buffer boundaries in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Media Encoder application relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code by opening a specially created malicious file...

Ubuntu 20.04 LTS / 22.04 LTS : FLAC vulnerability (USN-6360-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6360-1 advisory. It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a...

flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwritergrow function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder...

flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwritergrow function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder...

flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwritergrow function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder...

flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwritergrow function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder...

flac: Remote Code Execution (RCE) via the bitwriter_grow_ function, by supplying crafted input to the encoder

A flaw was found in the libeconf library. This issue occurs due to a buffer overflow vulnerability in the bitwritergrow function in FLAC that allows remote attackers to run arbitrary code via crafted input to the encoder...

RHEL 9 : flac (RHSA-2023:5047)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5047 advisory. FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference...

Adobe Media Encoder Buffer Overflow Vulnerability (CNVD-2023-82287)

Adobe Media Encoder is an audio and video encoding application from the American company Audobee Adobe. Adobe Media Encoder suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. An attacker could exploit the vulnerabilit...

CVE-2021-36060

Adobe Media Encoder version 15.2 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

CVE-2021-36060

Adobe Media Encoder version 15.2 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

Design/Logic Flaw

Adobe Media Encoder version 15.2 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

CVE-2021-36060 Adobe Media Encoder MPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Media Encoder version 15.2 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

CVE-2021-36060 Adobe Media Encoder MPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Media Encoder version 15.2 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

CVE-2021-36060

Adobe Media Encoder 15.2 and earlier is affected by an out-of-bounds read in MPEG file parsing, enabling memory disclosure and potential bypass of ASLR. Exploitation requires user interaction (victim opens a crafted file). Affected version: 15.2 and earlier; remediation per APSB21-43 is to update...

Adobe Media Encoder 缓冲区错误漏洞

Adobe Media Encoder is an audio and video encoding application from the American company Audobee Adobe. Adobe Media Encoder suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. An attacker could exploit the vulnerabilit...