Headline
CVE-2021-32294: A heap-buffer-overflow in RIFF.cpp:1151 · Issue #1 · drbye78/libgig
An issue was discovered in libgig through 20200507. A heap-buffer-overflow exists in the function RIFF::List::GetSubList located in RIFF.cpp. It allows an attacker to cause code Execution.
Related news
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
MaianAffiliate v1.0 allows an authenticated administrative user to save an XSS to the database.
An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.
Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac through 20200801, allows attackers to execute arbitrary code.
tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of data, OACK, and other options.
The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the ~/bibtexbrowser.php file which allows attackers to include local zip files and achieve remote code execution, in versions up to and including 0.0.
Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.