12 matches found
CVE-2025-63645
CVE-2025-63645 is a stored XSS in pH7Software pH7-Social-Dating-CMS 17.9.1, affecting the messaging system where unsanitized message content is persisted and later rendered in Inbox view without proper encoding, allowing attacker-controlled content to execute in a recipient’s browser. Public docs...
EUVD-2015-6758
Malware in sbrugna...
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding such as checks for whether a UTF-8 character is valid in a certain context.
...
Directory Traversal
tomcat-coyote is vulnerable to directory traversal attacks. The vulnerability exists as the JVM does not correctly decode UTF-8 encoded URLs, and when a context is configured with allowLinking="true", allowing directory traversal attacks...
FreeBSD : ffmpeg -- multiple vulnerabilities (3d950687-b4c9-4a86-8478-c56743547af8)
NVD reports : The decodeihdrchunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR aka image header chunk in a PNG image, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact v...
CVE-2015-6821
The ffmpvcommoninit function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted MPEG data...
CVE-2015-6821
The ffmpvcommoninit function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted MPEG data...
DEBIAN-CVE-2015-6821
The ffmpvcommoninit function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted MPEG data...
CVE-2015-6821
The ffmpvcommoninit function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted MPEG data...
UBUNTU-CVE-2015-6821
The ffmpvcommoninit function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted MPEG data...
CVE-2015-6821
The ffmpvcommoninit function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted MPEG data...
CVE-2015-6821
The CVE-2015-6821 entry concerns FFmpeg before 2.7.2. The vulnerability is in the function ff_mpv_common_init (libavcodec/mpegvideo.c), where the encoding context is not properly maintained, enabling remote attackers to trigger a denial of service via crafted MPEG data (invalid pointer access), w...