libde265: Multiple Vulnerabilities
Background Open h.265 video codec implementation. Description Multiple vulnerabilities have been discovered in libde265. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this...
SDL_ttf: Arbitrary Memory Write
Background SDL_ttf is a wrapper around the FreeType and Harfbuzz libraries, allowing you to use TrueType fonts to render text in SDL applications. Description A vulnerability has been discovered in SDL_ttf. Please review the CVE identifier referenced below for details. Impact SDL_ttf was discovered ...
libvpx: Multiple Vulnerabilities
Background libvpx is the VP8 codec SDK used to encode and decode video streams, typically within a WebM format media file. Description Multiple vulnerabilities have been discovered in libvpx. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...
libsndfile: Multiple Vulnerabilities
Background libsndfile is a C library for reading and writing files containing sampled sound. Description Multiple vulnerabilities have been discovered in libsndfile. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
faac: Denial of service
Background faac contains free MPEG-4 audio codecs by AudioCoding.com. Description An invalid pointer can be dereferenced in the huffcode function of libfaac/huff2.c, leading to a crash. Impact An attacker with the ability to provide crafted input to faac could cause a denial of service. Workaroun...
libpano13: Format string vulnerability
Background libpano13 is Helmut Dersch’s panorama toolbox library. Description A format string issue exists within panoFileOutputNamesCreate where unvalidated input is passed directly into the formatter. Impact A remote attacker could entice a user to open a specially crafted file using libpano1...
LittleCMS: User-assisted execution of arbitrary code
Background LittleCMS, or lcms for short, is a color management system for working with ICC profiles. It is used by many applications including GIMP, Firefox and Chromium. Description It was discovered that LittleCMS aka Little Color Management System had an integer overflow in the AllocateDataSet...
libTIFF: Multiple vulnerabilities
Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Multiple vulnerabilities have been discovered in LibTIFF. Please review the referenced...
GStreamer Base Plugins: Heap-based buffer overflow
Background A well-groomed and well-maintained collection of GStreamer plug-ins and elements, spanning the range of possible types of elements one would want to write for GStreamer. Description It was discovered that GStreamer Base Plugins did not correctly handle certain malformed RTSP streams...
GLSA-201904-15 : libTIFF: Denial of service
The remote host is affected by the vulnerability described in GLSA-201904-15 libTIFF: Denial of service Please review the CVE identifier referenced below for details. Impact : Please review the CVE identifier referenced below for details. Workaround : There is no known workaround at this time. C...
libTIFF: Denial of service
Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Please review the CVE identifier referenced below for details. Impact Please review the...
libTIFF: Multiple vulnerabilities
Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Multiple vulnerabilities have been discovered in LibTIFF. Please review the referenced...
jbig2dec: User-assisted execution of arbitrary code
Background jbig2dec is a decoder implementation of the JBIG2 image compression format. Description Integer overflow errors have been discovered in the jbig2_decode_symbol_dict, jbig2_build_huffman_table, and jbig2_image_compose functions of jbig2dec. Impact A remote attacker, by enticing a user to open a...
GLSA-201701-76 : HarfBuzz: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201701-76 HarfBuzz: Multiple vulnerabilities Multiple vulnerabilities have been discovered in HarfBuzz. Please review the CVE identifiers referenced below for details. Impact : Remote attackers, through the use of crafted data,...
GLSA-201701-60 : LibRaw: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201701-60 LibRaw: Multiple vulnerabilities Multiple vulnerabilities have been discovered in LibRaw. Please review the CVE identifiers referenced below for details. Impact : An attacker could execute arbitrary code, cause a Denial ...
libpng: User-assisted execution of arbitrary code
Background libpng is a standard library used to process PNG (Portable Network Graphics) images. It is used by several programs, including web browsers and potentially server processes. Description Two vulnerabilities have been discovered in libpng: The png_user_version_check function contains an...
GLSA-201412-46 : LittleCMS: Denial of Service
The remote host is affected by the vulnerability described in GLSA-201412-46 LittleCMS: Denial of Service Multiple stack-based buffer overflows and a profile parser error have been found in LittleCMS. Impact : A remote attacker could entice a user or automated system to open a specially crafted...
GLSA-201408-07 : ModPlug XMMS Plugin: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201408-07 ModPlug XMMS Plugin: Multiple vulnerabilities Multiple vulnerabilities have been discovered in ModPlug XMMS Plugin. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibl...
ModPlug XMMS Plugin: Multiple vulnerabilities
Background ModPlug XMMS Plugin is a library for playing MOD-like music files. Description Multiple vulnerabilities have been discovered in ModPlug XMMS Plugin. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the...
GLSA-201406-22 : Network Audio System: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201406-22 Network Audio System: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Network Audio System. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker...