CVE-2023-27812

bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the deletefile function...

CVE-2023-27812

bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the deletefile function...

Sql injection

bloofox v0.5.2 was discovered to contain a SQL injection vulnerability via the component /index.php?mode=content&page=pages&action=edit&eid=1...

CVE-2023-27812

bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the deletefile function...

CVE-2021-28300

NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrack" function of GPAC v0.5.2 allows attackers to execute arbitrary code or cause a Denial-of-Service DoS by uploading a malicious MP4 file...

CVE-2021-28300

NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrack" function of GPAC v0.5.2 allows attackers to execute arbitrary code or cause a Denial-of-Service DoS by uploading a malicious MP4 file...

CVE-2021-28300

GPAC v0.5.2 contains a NULL Pointer Dereference in isomedia/track.c MergeTrack() that can be triggered by uploading a malicious MP4, allowing remote attackers to execute arbitrary code or cause a Denial-of-Service. This is reflected across multiple sources (CVE-2021-28300, Red Hat, Debian OSV, CN...

GPAC 代码问题漏洞

GPAC is a multimedia framework for rich media and distributed under the LGPL license. A null pointer dereference vulnerability exists in the MergeTrack function of the isomedia/track.c module in GPAC v0.5.2. An attacker can exploit this vulnerability by uploading a malicious MP4 file to execute...

CVE-2021-21235

kamadak-exif is an exif parsing library written in pure Rust. In kamadak-exif version 0.5.2, there is an infinite loop in parsing crafted PNG files. Specifically, reader::readfromcontainer can cause an infinite loop when a crafted PNG file is given. This is fixed in version 0.5.3. No workaround i...