Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-23884: Open a malformed mng format file, buffer overflow and memory corruption will occur. · Issue #516 · nomacs/nomacs

A buffer overflow in Nomacs v3.15.0 allows attackers to cause a denial of service (DoS) via a crafted MNG file.

CVE
#mac#dos

Related news

CVE-2021-32664: Build software better, together

Combodo iTop is an open source web based IT Service Management tool. In affected versions there is a XSS vulnerability on "run query" page when logged as administrator. This has been resolved in versions 2.6.5 and 2.7.5.

CVE-2020-22675: There is a heap-buffer-overflow in the GetGhostNum function of stbl_read.c:369 · Issue #1344 · gpac/gpac

An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.

CVE-2020-22677: There is a heap-buffer-overflow in the dump_data_hex function of box_dump.c:51 · Issue #1341 · gpac/gpac

An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.

CVE-2020-22678: There is a heap-buffer-overflow in the gf_media_nalu_remove_emulation_bytes function of av_parsers.c:4722 · Issue #1339 · gpac/gpac

An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.

CVE-2020-23269: Heap-buffer-overflow isomedia/stbl_read.c:135 in stbl_GetSampleSize() · Issue #1482 · gpac/gpac

An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.

CVE-2020-23267: Heap buffer overflow in isom_hinter.c:766 in gf_hinter_track_process() · Issue #1479 · gpac/gpac

An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file

CVE-2021-39552: A heap-buffer-overflow in wav_file.cpp:160:40 · Issue #23 · sahaRatul/sela

An issue was discovered in sela through 20200412. file::WavFile::readFromFile() in wav_file.c has a heap-based buffer overflow.

CVE-2021-39550: A heap-buffer-overflow in sela_file.cpp:90:53 · Issue #30 · sahaRatul/sela

An issue was discovered in sela through 20200412. file::SelaFile::readFromFile() in sela_file.cpp has a heap-based buffer overflow.

CVE-2021-39551: A heap-buffer-overflow in sela_file.cpp:78:67 · Issue #26 · sahaRatul/sela

An issue was discovered in sela through 20200412. file::SelaFile::readFromFile() in sela_file.c has a heap-based buffer overflow.

CVE-2021-39546: A heap-buffer-overflow in rice_decoder.cpp:39 · Issue #29 · sahaRatul/sela

An issue was discovered in sela through 20200412. rice::RiceDecoder::process() in rice_decoder.cpp has a heap-based buffer overflow.

CVE-2021-39544: A heap-buffer-overflow in wav_file.cpp:262:32 · Issue #25 · sahaRatul/sela

An issue was discovered in sela through 20200412. file::WavFile::writeToFile() in wav_file.c has a heap-based buffer overflow.

CVE-2020-21676: Xfig / Tickets / #76 stack-buffer-overflow in genpstrx_text at genpstricks.c:2732

A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.

CVE-2020-21675: Xfig / Tickets / #78 stack-buffer-overflow in genptk_text at genptk.c:618

A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.

CVE-2020-21697: #8188 (heap-use-after-free from libavformat/mpegenc.c in mpeg_mux_write_packet) – FFmpeg

A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907