15 matches found
CVE-2022-27496
Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
EUVD-2022-31997
Malicious code in bioql PyPI...
SUSE CVE-2017-18207
The Waveread.readfmtchunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service divide-by-zero and exception via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications...
@discordjs/opus 安全漏洞
@discordjs/opus is an open source native binding of discord.js to libopus v1.3. A security vulnerability exists in @discordjs/opus that stems from the vulnerability of this package to denial-of-service DoS attacks when attempting to encode with an encoder that has a zero-channel or an uninitializ...
CVE-2022-27496
Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2022-27496
Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2022-27496
Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
Cross site scripting
Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
CVE-2022-27496
CVE-2022-27496 : Cross-site scripting in Zero-channel BBS Plus before or equal to v0.7.4 allows a remote attacker to inject arbitrary scripts via unspecified vectors. The available connected documents confirm the vulnerability and its impact (XSS) but do not provide any concrete fix/version detai...
CVE-2022-27496
Cross-site scripting vulnerability in Zero-channel BBS Plus v0.7.4 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors...
Zero-channel BBS Plus vulnerable to cross-site scripting
Overview Zero-channel BBS Plus by Zero-Channel BBS Plus Developers is a bulletin board CGI script. Zero-channel BBS Plus contains a cross-site scripting vulnerability CWE-79. Zero-Channel BBS Plus Developers reported this vulnerability to JPCERT/CC to notify users of its solution through JVN...
JVN#59576930: Zero-channel BBS Plus vulnerable to cross-site scripting
Zero-channel BBS Plus by Zero-Channel BBS Plus Developers is a bulletin board CGI script. Zero-channel BBS Plus contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the web browser of the user who is accessing the management screen of the product,...
oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service (divide-by-zero error and crash) via a WAV file with the number of channels set to zero.
...
UBUNTU-CVE-2017-18189
In the startread function in xa.c in Sound eXchange SoX through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NULL pointer dereference, which may allow a remote attacker to cause a denial-of-service...
speex speexenc parsing channel field denial of service vulnerability
Speex is an open source, free, patent-free audio compression format primarily for speech. The encoder program speexenc in speex-1.2rc2 and previous versions crashes when parsing wav files with zero values in the channel field resulting in a division by zero...