CVE-2025-55652

GPAC MP4Box v2.4 is affected by a heap buffer overflow in gf_isom_vp_config_new (isomedia/avc_ext.c), enabling DoS via a crafted MP4 file. This is documented across multiple sources (CVE-2025-55652, EUVD-2025-210150, NVD, CVELIST, etc.). The vulnerability details specify the vulnerable function a...

UBUNTU-CVE-2025-60486

A heap use-after-free in the dasherprocess function /filters/dasher.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 file...

PT-2026-41012

Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-good versions prior to 1.28.2 Description An issue exists when parsing MP4 audio tracks where the isomp4 plugin's qtdemux parse trak function fails to sufficiently validate atom data before performing division operations...

RLSA-2025:7402 Moderate: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: Memory corruption in the ngxhttpmp4module CVE-2022-41741 nginx: Memory disclosure in the ngxhttpmp4module CVE-2022-41742 nginx: speciall...

Linux Distros Unpatched Vulnerability : CVE-2019-13602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Integer Underflow in MP4EIA608Convert in modules/demux/mp4/mp4.c in VideoLAN VLC media player through 3.0.7.1 allows remote attackers to cause a denial of...

Linux Distros Unpatched Vulnerability : CVE-2020-35653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding a crafted PCX file because the user-supplied stride value is trusted for buffer...

Code-Projects Church Donation System 代码问题漏洞

Code-Projects Church Donation System is an open source church donation system by Code-Projects. A code issue vulnerability exists in Code-Projects Church Donation System version 1.0, which stems from an unrestricted upload issue due to incorrect manipulation of the parameter image in the file...

tsMuxer 安全漏洞

tsMuxer is a transport stream multiplexer for remixing/multiplexing elementary streams by Dan's personal developer. A security vulnerability exists in version tsMuxer nightly-2024-05-12-02-01-18, which stems from the presence of a buffer overflow that allows an attacker to cause a denial of servi...

PT-2024-37215 · Irfan Skiljan · Irfanview

Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this issue, where the target must visit a...

CVE-2023-43898

Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbiconvertformat. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted pic file...

stb code issue vulnerability

stb is a single-file public domain library for C/C ++. A code issue vulnerability exists in stb version 2.28, which stems from a null pointer dereference issue in the function stbiconvertformat. An attacker could exploit this vulnerability to cause a Denial of Service DoS via a specially crafted...

CVE-2022-33890

A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process...

CVE-2022-27529

A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be used to write beyond the allocated buffer while parsing PICT, BMP, PSD or TIF file. This vulnerability may be exploited to execute arbitrary code...

The vulnerability of the ImageIO component in iOS, iPadOS, tvOS, watchOS, and macOS allows a hacker to execute arbitrary code on the target system.

The vulnerability of the ImageIO component in iOS, iPadOS, tvOS, watchOS, and macOS relates to the execution of operations outside of the buffer in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system using a specially created malicious PICT file...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the stbiconvertformat function via the stbimage.h component. An attacker can cause a crash and denial of service by loading a specially crafted invalid PICT file. Remediation Upgrade sdlimage to version 3.4.0...

CVE-2021-21464

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

UBUNTU-CVE-2014-9834

Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file...

7 1 1 enterprise web site management program V6. 0 Then proof upload vulnerability and exploit-vulnerability warning-the black bar safety net

sfmb ----------------------- The other day a Cookie injection vulnerability, and today they turned to see to In the ADMIN directory there are 2 Upload File upfile. asp and upfile2. asp These 2 components of the function is: without logging in the backend, without having to cut packages, direct...