ALPINE-CVE-2018-5785

In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opjj2ksetupencoder function openjp2/j2k.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

imagemagick/encoder_miff_fuzzer: Use-of-uninitialized-value in GetXMPProperty

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5177219254059008 Project: imagemagick Fuzzer: libFuzzerimagemagickencodermifffuzzer Fuzz target binary: encodermifffuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_mpc_fuzzer: Stack-buffer-overflow in GetPathComponent

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5192405184675840 Project: imagemagick Fuzzer: aflimagemagickencodermpcfuzzer Fuzz target binary: encodermpcfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

UBUNTU-CVE-2017-16840

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

CVE-2017-16840

The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service out-of-bounds read because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2encdwt.c...

CVE-2017-16840

CVE-2017-16840 affects FFmpeg 3.0 and 3.4, where the VC-2 video encoder (libavcodec/vc2enc.c and vc2enc_dwt.c) allows a remote attacker to trigger a denial of service via an out-of-bounds read caused by incorrect buffer padding for non-Haar wavelets. The issue has been fixed in FFmpeg 3.4.x relea...

FFmpeg Denial of Service Vulnerability (CNVD-2017-37755)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team.VC-2 Video Compression encoder is one of the video compression encoders. A security vulnerability exists in the VC-2 Video Compression encoder in FFmpeg version 3.4. A remote attacker can...

[SECURITY] Fedora 25 Update: lame-3.100-1.fc25

LAME is an open source MP3 encoder whose quality and speed matches commercial encoders. LAME handles MPEG1,2 and 2.5 layer III encoding with both constant and variable bitrates...

[SECURITY] Fedora 27 Update: lame-3.100-1.fc27

LAME is an open source MP3 encoder whose quality and speed matches commercial encoders. LAME handles MPEG1,2 and 2.5 layer III encoding with both constant and variable bitrates...

[SECURITY] Fedora 26 Update: lame-3.100-1.fc26

LAME is an open source MP3 encoder whose quality and speed matches commercial encoders. LAME handles MPEG1,2 and 2.5 layer III encoding with both constant and variable bitrates...

TP-Link WR940N - Authenticated Remote Code Exploit Exploit

Exploit for hardware platform in category web applications import urllib2 import base64 import hashlib from optparse import import sys import urllibbanner = "\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can...

TP-Link WR940N - (Authenticated) Remote Code

TP-Link WR940N - Authenticated Remote Code import urllib2 import base64 import hashlib from optparse import import sys import urllibbanner = "\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can change that in th...

LAME k_34_4 Heap Overflow Denial of Service Vulnerability

LAME is an MP3 encoder. A security vulnerability in LAME vbrquantize.c k344 allows remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it for a denial of service attack...

LAME Null Pointer Reference Denial of Service Vulnerability

LAME is an MP3 encoder. A security vulnerability in LAME libmp3lame/mpglibinterface.c hipdecodeinit allows remote attackers to exploit the vulnerability by submitting a special mpg file, tricking the user into parsing it, and performing a denial of service attack...

UBUNTU-CVE-2017-15019

LAME 3.99.5 has a NULL Pointer Dereference in the hipdecodeinit function within libmp3lame/mpglibinterface.c via a malformed mpg file, because of an incorrect calloc call...

Motorola Netopia Netoctopus SDCS Stack Buffer Overflow

require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifi...

LAME 'id3v2AddAudioDuration' function null pointer reference denial of service vulnerability

LAME is LAME team developed a set of open source MP3 audio compression software . A security vulnerability exists in the 'id3v2AddAudioDuration' function in the libmp3lame/id3tag.c file in LAME version 3.99.5. An attacker can exploit this vulnerability to cause a denial of service null pointer...

[SECURITY] [DSA 3957-1] ffmpeg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3957-1 [email protected] https://www.debian.org/security/ Luciano Bello August 28, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3957-1] ffmpeg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3957-1 [email protected] https://www.debian.org/security/ Luciano Bello August 28, 2017 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-3957-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...