JLSEC-2025-254 tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an i...

tifgetimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition...

JLSEC-2025-128 FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the...

FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the avsamplessetsilence function in thelibavutil/samplefmt.c:260:9 component...

EUVD-2023-54837

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-32230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...

OSV-2025-300 Negative-size-param in recurse_update_offsets

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=413078692 Crash type: Negative-size-param Crash state: recurseupdateoffsets match pcre2match8...

OSV-2024-1332 Negative-size-param in extract_mr_data

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=379768247 Crash type: Negative-size-param Crash state: extractmrdata parsemrstring readstatparsesav...

CVE-2024-49776

A negative-size-param in tsMuxer version nightly-2024-04-05-01-53-02 allows attackers to cause Denial of Service DoS via a crafted TS video file...

PT-2024-33684

Name of the Vulnerable Software and Affected Versions: tsMuxer version nightly-2024-04-05-01-53-02 Description: The issue allows attackers to cause Denial of Service DoS via a crafted TS video file. This is due to a negative-size-param in the affected version of tsMuxer. Recommendations: For...

PT-2024-40835 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, which occurs in the pdf resize resource arrays function, called by process cmap text and...

OESA-2024-1875 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: An integer overflow...

SUSE CVE-2024-32230

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...

UBUNTU-CVE-2024-32230

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...

CVE-2024-32230

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...

PT-2024-40673 · Git +1 · Htslib

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, as reported by OSS-Fuzz. The crash occurs in the following functions: vcf parse format,...

PT-2023-35606 · Git +1 · Pcapplusplus

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, as reported by OSS-Fuzz. The crash occurs in the pcpp::RawPacket::insertData function,...

PT-2023-35576 · Git +1 · Pcapplusplus

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, as reported by OSS-Fuzz. The crash occurs in the pcpp::RawPacket::insertData function,...

PT-2023-35909 · Git +1 · Ndpi

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, as reported by OSS-Fuzz. The crash occurs in the following functions: check content type...

PT-2023-35825 · Hdf5 · Hdf5

Name of the Vulnerable Software and Affected Versions: HDF5 affected versions not specified Description: The issue is related to a crash caused by a negative-size-param, which occurs in the H5MM memcpy function, called by H5O link decode and H5O msg iterate real. Recommendations: At the moment,...

SUSE CVE-2019-17546

tifgetimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition...

PT-2022-36762 · Git +1 · Mruby

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a negative-size-param, which occurs in the mrb str format function, followed by mrb f sprintf and mrb vm exec. ...