GPAC 安全漏洞

GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version 2.3-DEV-rev1-g4669ba229-master, which stems from the discovery of a contained buffer overflow vulnerability via the avcparseslice function in mediatools/avparsers.c...

PT-2023-18855 · Gpac · Gpac

Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev1-g4669ba229-master Description: A buffer overflow issue exists in the avc parse slice function located in the media tools/av parsers.c file. This issue can be exploited, but details about the estimated number of...

DEBIAN-CVE-2022-25901

Versions of the package cookiejar before 2.1.4 are vulnerable to Regular Expression Denial of Service ReDoS via the Cookie.parse function, which uses an insecure regular expression...

CookieJar 安全漏洞

CookieJar is a simple and robust cookie library. A security vulnerability exists in CookieJar versions prior to 2.1.4, which stems from the use of insecure regular expressions in the Cookie.parse function...

Adobe Acrobat Reader 输入验证错误漏洞

Adobe Acrobat Reader is the United States of America Audobee Adobe, a PDF viewer. A security vulnerability exists in Adobe Acrobat and Reader, which can be exploited by a remote attacker to submit a special file request and trick the user into parsing it, which can cause the application to crash ...

GSD-2023-1001384 mcb: mcb-parse: fix error handing in chameleon_parse_gdd()

mcb: mcb-parse: fix error handing in chameleonparsegdd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

GSD-2023-1001069 mcb: mcb-parse: fix error handing in chameleon_parse_gdd()

mcb: mcb-parse: fix error handing in chameleonparsegdd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1000656 mcb: mcb-parse: fix error handing in chameleon_parse_gdd()

mcb: mcb-parse: fix error handing in chameleonparsegdd This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...

PT-2023-33599 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue is related to a null pointer dereference in the hugetlbfs parse param function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kerne...

PT-2023-33879 · Libbpf · Libbpf

Name of the Vulnerable Software and Affected Versions: libbpf versions prior to v6.0.16 Description: A memory leak issue was discovered in the parse usdt arg function. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to v6.0.16, update to Lin...

PT-2023-33870 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: A memory leak issue exists in the hi846 parse dt function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v6.0.16,...

libxml2: integer overflows with XML_PARSE_HUGE

A flaw was found in libxml2. Parsing a XML document with the XMLPARSEHUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEntityValue function didn't have any length limitation...

Gather MinIO Client Key

This module searches for MinIO Client credentials on a Windows host. Module Options msf use post/multi/gather/minioclient msf postminioclient show actions ...actions... msf postminioclient set ACTION msf postminioclient show options ...show and set options... msf postminioclient run This module...

DEBIAN-CVE-2022-47657

GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevcparsevpsextension of mediatools/avparsers.c:7662...

UBUNTU-CVE-2022-47657

GPAC MP4Box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to buffer overflow in function hevcparsevpsextension of mediatools/avparsers.c:7662...

CVE-2022-47086

GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gfsmloadinitswf at scenemanager/swfparse.c...

DEBIAN-CVE-2022-47095

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevcparsevpsextension function of mediatools/avparsers.c...

DEBIAN-CVE-2022-46489

GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the gfisomboxparseex function at boxfuncs.c...

Design/Logic Flaw

GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gfsmloadinitswf at scenemanager/swfparse.c...

UBUNTU-CVE-2022-47086

GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gfsmloadinitswf at scenemanager/swfparse.c...