Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-22674: Segmentation fault (ASAN: SEGV on unknown address) in the FixTrackID function of isom_intern.c:133 · Issue #1346 · gpac/gpac

An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input.

CVE

Related news

CVE-2020-23109: Heap overflow in heif_colorconversion.cc:2263 · Issue #207 · strukturag/libheif

Buffer overflow vulnerability in function convert_colorspace in heif_colorconversion.cc in libheif v1.6.2, allows attackers to cause a denial of service and disclose sensitive information, via a crafted HEIF file.

WordPress 4.9.6 Arbitrary File Deletion

WordPress version 4.9.6 arbitrary file deletion exploit. Original discovery of this vulnerability is attributed to VulnSpy in June of 2018.

CVE-2020-28969

Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file.

CVE-2021-39535: A Segmentation fault in libxsmm_gemm_generator · Issue #398 · hfp/libxsmm

An issue was discovered in libxsmm through v1.16.1-93. A NULL pointer dereference exists in JIT code. It allows an attacker to cause Denial of Service.

CVE-2020-21049: Release v1.8.5 security update · saitoha/libsixel

An invalid read in the stb_image.h component of libsixel prior to v1.8.5 allows attackers to cause a denial of service (DOS) via a crafted PSD file.

CVE-2020-21048: Release v1.8.4 security update · saitoha/libsixel

An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file.

CVE-2021-22204: Update to 12.24 · exiftool/exiftool@cf0f4e7

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907