Github libjxl 缓冲区错误漏洞

Github libjxl is a reference implementation of PEG XL encoder and decoder. A buffer error vulnerability exists in libjxl that stems from the fact that invalid JPEG XL images using libjxl may result in out-of-bounds accesses to std::vector when rendering samples. oob read accesses may result in...

UBUNTU-CVE-2021-41456

There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmxnhml.c:1004 in the nhmldmxsendsample function szXmlTo parameter which leads to a denial of service vulnerability...

Gpac MP4Box 缓冲区错误漏洞

MP4Box is a multimedia packager available in GPAC. A stack buffer overflow vulnerability exists in the nhmldmxsendsample function in src/filters/dmxnhml.c:1004 in MP4Box version 1.0.1. An attacker can exploit this vulnerability to cause a denial of service via the szXmlTo parameter...

PT-2021-23301 · Mp4Box · Mp4Box

Name of the Vulnerable Software and Affected Versions: MP4Box version 1.0.1 Description: The issue is a stack buffer overflow in the nhmldmx send sample function, specifically with the szXmlTo parameter, located at src/filters/dmx nhml.c:1004. This leads to a denial of service vulnerability...

PT-2021-23303

Name of the Vulnerable Software and Affected Versions MP4Box version 1.0.1 Description The issue is a stack buffer overflow in the nhmldmx send sample function at src/filters/dmx nhml.c:1008, specifically affecting the szXmlFrom parameter. This leads to a denial of service vulnerability...

DEBIAN-CVE-2020-23269

An issue was discovered in gpac 0.8.0. The stblGetSampleSize function in isomedia/stblread.c has a heap-based buffer overflow which can lead to a denial of service DOS via a crafted media file...

UBUNTU-CVE-2020-23269

An issue was discovered in gpac 0.8.0. The stblGetSampleSize function in isomedia/stblread.c has a heap-based buffer overflow which can lead to a denial of service DOS via a crafted media file...

CVE-2021-39547

An issue was discovered in sela through 20200412. A NULL pointer dereference exists in the function lpc::SampleGenerator::process located in samplegenerator.cpp. It allows an attacker to cause Denial of Service...

DEBIAN-CVE-2021-39515

An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function SampleInterleavedLSScan::ParseMCU located in sampleinterleavedlsscan.cpp. It allows an attacker to cause Denial of Service...

libjpeg 代码问题漏洞

libjpeg is a free library written entirely in C to handle the JPEG image data format. libjpeg 2020021 and earlier versions of sampleinterleavedlsscan.cpp have a null pointer in the SampleInterleavedLSScan::ParseMCU function to solve the reference vulnerability. An attacker could exploit this...

Sela 代码问题漏洞

SELA is a lossless audio codec. lpc::SampleGenerator::process function in samplegenerator.cpp in SELA 20200412 and earlier versions is vulnerable to a null pointer dereference. An attacker could exploit this vulnerability to cause a denial of service...

PT-2021-6552 · Faad2 +4 · Faad2 +4

Name of the Vulnerable Software and Affected Versions: faad2 versions through 2.10.0 Description: An issue exists in the function get sample located in output.c, which allows an attacker to cause Denial of Service due to a NULL pointer dereference. This can be exploited by a remote attacker to...

Afterpay Gateway for WooCommerce < 3.2.1 - Reflected Cross-Site Scripting

The plugin has sample files form the https://github.com/afterpay/sdk-php library, which do not escape some parameters before outputting them in attributes, leading to Reflected Cross-Site Scripting issues. PoC...

Pathprober - Probe And Discover HTTP Pathname Using Brute-Force Methodology And Filtered By Specific Word Or 2 Words At Once

Probe and discover HTTP pathname using brute-force methodology and filtered by specific word or 2 words at once. Purpose Brute-forcing website directories or HTTP pathname and validate using HTTP response code is not relevant anymore. This tool will help you to perform a penetration test, because...

DNSrr - A Tool Written In Bash, Used To Enumerate All The Juicy Stuff From DNS

DNSrr is a tool written in bash, used to enumerate all the juicy stuff from DNS records, it uses different techniques like DNS Forward Bruteforce DNS Reverse Bruteforce DNS Cache Snooping DNS Zone Transfer To get you all the information that you can get, from a DNS server. Installation Install it...

CVE-2021-21794

An out-of-bounds write vulnerability exists in the TIF bitspersample processing functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability...

PT-2021-14779 · Accusoft · Accusoft Imagegear

Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 19.9 Description: An out-of-bounds write issue exists in the TIF bits per sample processing functionality. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file t...

Security update for libopenmpt (moderate)

openSUSE Security Update: Security update for libopenmpt Announcement ID: openSUSE-SU-2021:0885-1 Rating: moderate References: 1186663 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for libopenmpt fixes the following...

CVE-2021-25384

An improper input validation vulnerability in sdfffdparsechunkPROP with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process...

CVE-2021-25384

An improper input validation vulnerability in sdfffdparsechunkPROP with Sample Rate Chunk in libsdffextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process...