CVE-2022-48236

In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...

CVE-2022-48236

In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...

CVE-2022-48236

CVE-2022-48236 concerns the MP3 encoder in UNISOC chipsets. A missing bounds check can cause an out-of-bounds read, leading to local denial of service with system‑level privileges required. Reported base metrics (CVSS 3.1: AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H; base score 4.4) indicate local access...

CVE-2022-48235

In MP3 encoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...

CVE-2022-48235

In MP3 encoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...

CVE-2022-48235

The CVE-2022-48235 issue concerns the UNISOC MP3 encoder in chipsets, where a missing bounds check can cause an out-of-bounds write. This leads to a local denial of service with System execution privileges required. Affected component: MP3 encoder; root cause: missing bounds check leading to out-...

UNISOC Chipsets 缓冲区错误漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in the UNISOC Chipsets MP3 encoder module, which stems from a lack of boundary checking, resulting in out-of-bounds reads...

PT-2023-15631 · Unknown · Mp3 Encoder

Name of the Vulnerable Software and Affected Versions: MP3 encoder affected versions not specified Description: The issue is related to a missing bounds check in the MP3 encoder, which could lead to an out of bounds read. This might result in a local denial of service and requires System executio...

PT-2023-15630 · Unknown · Mp3 Encoder

Name of the Vulnerable Software and Affected Versions: MP3 encoder affected versions not specified Description: The issue is related to a missing bounds check in the MP3 encoder, which could lead to a possible out of bounds write. This might result in a local denial of service and requires System...

CVE-2023-1999

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to tria...

UBUNTU-CVE-2023-1999

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to tria...

[SECURITY] Fedora 36 Update: libheif-1.15.2-1.fc36

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

[SECURITY] Fedora 38 Update: libheif-1.15.2-1.fc38

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

Unbounded Loop in DNS Name Encoder Library

Lines of code Vulnerability details Impact The unchecked keyword disables overflow and underflow checks for arithmetic operations, which can cause unexpected behavior if the loop is not properly bounded. In this specific case, the loop is not properly bounded, which can cause the loop to run...

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection such that the encoder.rb file unsafely constructs a shell string using the file parameter, which can potentially leave clients of discordrb vulnerable to command injection. Note: The library is not directly exploitable...

discordrb操作系统命令注入漏洞

discordrb is Shard Lab's personal developer's repository for implementing the Discord API using Ruby. Discordrb suffers from an operating system command injection vulnerability that stems from the encoder.rb file insecurely constructing a shell string using the file parameter, which leaves the...

PT-2023-21560 · Discordrb · Discordrb

Name of the Vulnerable Software and Affected Versions: discordrb versions prior to commit 91e13043ffa Description: The discordrb library, an implementation of the Discord API using Ruby, has a command injection issue due to the unsafe construction of a shell string using the file parameter in the...

PT-2025-53045

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the DRM encoder handling during unbinding, specifically within the drm/rockchip and dw hdmi components. This issue results in a use-after-free crash...

XOR POLY Encoder

An x86 Simple POLY Xor encoding method. using polymorphism Register swapping, and instructions modification Module Options msf use encoder/x86/xorpoly msf encoderxorpoly show actions ...actions... msf encoderxorpoly set ACTION msf encoderxorpoly show options ...show and set options... msf...

USN-5958-1 ffmpeg vulnerabilities

It was discovered that FFmpeg could be made to dereference a null pointer. An attacker could possibly use this to cause a denial of service via application crash. These issues only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-3109, CVE-2022-3341 It...