6907 matches found
PT-2023-15159 · Unknown +1 · Gpac Mp4Box +1
Name of the Vulnerable Software and Affected Versions: GPAC MP4Box version 2.1-DEV-rev574-g9d5bb184b Description: The issue is related to a segmentation violation via the function gf sm load init swf at scene manager/swf parse.c. No information is provided about the estimated number of potentiall...
PT-2022-11256 · Gpac +1 · Gpac +1
Name of the Vulnerable Software and Affected Versions: Gpac versions through 1.0.2 Description: A Segmentation fault caused by null pointer dereference exists in Gpac via the avc parse slice function in av parsers.c when using mp4box, which causes a denial of service. Recommendations: For Gpac...
PT-2022-11253 · Gpac +1 · Gpac +1
Name of the Vulnerable Software and Affected Versions: gpac versions 1.0.1 and earlier Description: A null pointer deference issue exists via the naludmx parse nal avc function in reframe nalu, allowing a denial of service. Recommendations: For gpac versions 1.0.1 and earlier, consider disabling...
PT-2023-15453 · Unknown +1 · Gpac Mp4Box +1
Name of the Vulnerable Software and Affected Versions: GPAC MP4Box version 2.1-DEV-rev644-g5c4df2a67 Description: The issue is related to a buffer overflow in the hevc parse vps extension function, located in the media tools/av parsers.c file at line 7662. This buffer overflow can be exploited,...
PT-2023-3416 · Gpac +3 · Gpac +3
Name of the Vulnerable Software and Affected Versions: gpac versions prior to 2.2.2 Description: The issue is related to a stack-based buffer overflow in the gpac multimedia platform, specifically in the xml sax parse function. This overflow can lead to a denial of service. Recommendations: For...
PT-2023-15168 · Unknown +1 · Gpac Mp4Box +1
Name of the Vulnerable Software and Affected Versions: GPAC MP4box version 2.1-DEV-rev574-g9d5bb184b Description: The issue is related to a buffer overflow in the hevc parse vps extension function of media tools/av parsers.c. This function is used for parsing video parameters, and the buffer...
The vulnerability of the `parse_arguments` function in the rsyncd server’s Rsync utility allows users to compromise data integrity.
The vulnerability of the parsearguments function in the rsyncd utility’s options.c file of the rsync server is related to the possibility of using multiple protect-args parameters. This allows attackers to circumvent existing security mechanisms. Exploiting this vulnerability could enable a remot...
CVE-2018-20027
The yamlparse.load method in Pylearn2 allows code injection...
Lisa-lab/pylearn2 inventory in command execution vulnerability
The Pylearn2/config/yamlparse.load function suffers from a command execution vulnerability in its implementation, which allows an attacker to perform arbitrary code operations...
Google Android Buffer Overflow Vulnerability (CNVD-2019-27574)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A buffer overflow vulnerability exists in the 'impdparsefiltblock' function of the impddrcdynamicpayload.c file in Android version 9, which stems from a lack of boundary checking ...
Google Android Buffer Overflow Vulnerability (CNVD-2019-27582)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A buffer overflow vulnerability exists in the 'impdparsesplitdrccharacteristic' function of the impddrcstaticpayload.c file in Android version 9, which stems from a lack of bounda...
Google Android Buffer Overflow Vulnerability (CNVD-2019-27576)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A buffer overflow vulnerability exists in the 'impdparseloudeqinstructions' function of the impddrcdynamicpayload.c file in Android version 9, which stems from a lack of boundary...
Google Android Buffer Overflow Vulnerability (CNVD-2019-27579)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A buffer overflow vulnerability exists in the 'impdparametricdrcparsegainsetparams' function of the impddrcstaticpayload.c file in Android version 9, which stems from a lack of...
LibRaw 'LibRaw::parse_exif()' function stack buffer overflow vulnerability
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A stack buffer overflow vulnerability exists in the 'LibRaw::parseexif' function in the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.9. A remote attacker coul...
Ruby: The taint flag is not propagated at JSON.parse
Vulnerability description not provided...
CVE-2018-9571
In impdparseloudeqinstructions of impddrcdynamicpayload.c there is a possible out-of-bound write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9...
CVE-2018-9570
In impdparsedrcextv1 of impddrcdynamicpayload.c there is a possible out-of-bound write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android...
CVE-2018-9576
In impdparseparametricdrcinstructions of impddrcstaticpayload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...
CVE-2018-9575
In impdparsedwnmixinstructions of impddrcstaticpayload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9...
DEBIAN-CVE-2018-5813
An error within the "parseminolta" function dcraw/dcraw.c in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file...