Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2023/06/01 12:0 a.m.3 views

MP4v2 安全漏洞

MP4v2 is a library for creating, modifying, and reading MP4 files by the individual developer enzo1982. A security vulnerability exists in MP4v2 version v2.1.3, which stems from the discovery of a contained memory leak via the MP4StringProperty class in mp4property.cpp...

5.5CVSS5.6AI score0.00136EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2023/05/16 12:0 a.m.3 views

PT-2023-3046 · Mp4V2 · Mp4V2

Name of the Vulnerable Software and Affected Versions: mp4v2 version 2.1.3 Description: The issue is related to a memory leak via the MP4StringProperty class in the mp4v2 library, which can be exploited by a remote attacker to cause a denial of service. The vulnerability is also associated with t...

10CVSS7.7AI score0.00136EPSS
Exploits0References11
Positive Technologies
Positive Technologiesadded 2023/04/24 12:0 a.m.3 views

PT-2023-22317 · Mp4V2 · Mp4V2

Name of the Vulnerable Software and Affected Versions: mp4v2 version 2.0.0 Description: A heap buffer overflow issue was discovered in mp4v2 via the mp4v2::impl::MP4StringProperty::MP4StringProperty function at src/mp4property.cpp. Recommendations: For mp4v2 version 2.0.0, as a temporary...

8.8CVSS9.2AI score0.00365EPSS
Exploits1References10
OSV
OSVadded 2022/10/19 8:15 a.m.10 views

CVE-2022-42466

Prior to 2.0.0-M9, it was possible for an end-user to set the value of an editable string property of a domain object to a value that would be rendered unchanged when the value was saved. In particular, the end-user could enter javascript or similar and this would be executed. As of this release,...

6.1CVSS6.2AI score
Exploits0References2
Veracode
Veracodeadded 2021/06/22 5:51 a.m.18 views

Cross-site Scripting (XSS)

mongo-express is vulnerable to cross-site scripting. An attacker is able to inject and execute malicious script via a string property of documents when only preview is loaded...

8.1CVSS3.1AI score0.01294EPSS
Exploits1References3Affected Software1
OSV
OSVadded 2018/07/13 5:29 p.m.0 views

UBUNTU-CVE-2018-14054

A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered...

9.8CVSS7.3AI score0.00547EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2018/07/13 12:0 a.m.1 views

PT-2018-12308 · Aurorasparc Llc · Mp4V2

Name of the Vulnerable Software and Affected Versions: MP4v2 version 2.0.0 Description: A double free issue exists in the MP4StringProperty class, located in mp4property.cpp. This occurs when a dangling pointer is freed again in the destructor after an exception is triggered. Recommendations: For...

9.8CVSS9.4AI score0.00547EPSS
Exploits1References14
seebug.org
seebug.orgadded 2013/11/17 12:0 a.m.32 views

Google Chrome “id”属性字符串释放后重利用远程代码执行漏洞(CVE-2013-6624)

BUGTRAQ ID: 63670 CVECAN ID: CVE-2013-6624 Google Chrome是由Google开发的一款设计简单、高效的Web浏览工具。 Chrome 31.0.1650.48之前版本存在“id”属性字符串相关的释放后重利用漏洞,攻击者可利用此漏洞在受影响用户上下文中执行任意代码。 0 Google Chrome = 17.0.963 79 厂商补丁: Google ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.google.com...

7.5CVSS0.01461EPSS
Exploits1
Rows per page
Query Builder