Our selection of information systems security (SSI) alerts and advisories.
Sources: US Cert, Cert EU, Cert FR, Cnil, VulDB.

GPAC 1.0.1 MP4Box gf_hinter_track_new information disclosure

A vulnerability, which was classified as problematic, has been found in GPAC 1.0.1. This issue affects the function gf_hinter_track_new of the component MP4Box. Applying a patch is able to eliminate this problem. The bugfix is ready for download...
Author: VulDB

GPAC 1.0.1 MP4Box MergeTrack denial of service

A vulnerability classified as problematic was found in GPAC 1.0.1. This vulnerability affects the function MergeTrack of the component MP4Box. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com.
Author: VulDB

GPAC 1.0.1 MP4Box gf_isom_cenc_get_default_info_internal denial of service

A vulnerability classified as problematic has been found in GPAC 1.0.1. This affects the function gf_isom_cenc_get_default_info_internal of the component MP4Box. Applying a patch is able to eliminate this problem. The bugfix is ready for download...
Author: VulDB

GPAC 1.0.1 MP4Box gf_isom_set_extraction_slc denial of service

A vulnerability was found in GPAC 1.0.1. It has been rated as problematic. Affected by this issue is the function gf_isom_set_extraction_slc of the component MP4Box. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Author: VulDB

GPAC 1.0.1 MP4Box HintFile denial of service

A vulnerability was found in GPAC 1.0.1. It has been declared as problematic. Affected by this vulnerability is the function HintFile of the component MP4Box. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Author: VulDB

GPAC 1.0.1 MP4Box stbl_GetSampleInfos memory leak

A vulnerability was found in GPAC 1.0.1. It has been classified as problematic. Affected is the function stbl_GetSampleInfos of the component MP4Box. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Author: VulDB

GPAC 1.0.1 MP4Box abst_box_read buffer overflow

A vulnerability was found in GPAC 1.0.1 and classified as critical. This issue affects the function abst_box_read of the component MP4Box. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com.
Author: VulDB

GPAC 1.0.1 MP4Box tenc_box_read denial of service

A vulnerability has been found in GPAC 1.0.1 and classified as problematic. This vulnerability affects the function tenc_box_read of the component MP4Box. Applying a patch is able to eliminate this problem. The bugfix is ready for download at...
Author: VulDB

GPAC 1.0.1 MP4 File filters/reframe_latm.c gf_filter_pck_get_data null pointer dereference

A vulnerability, which was classified as problematic, was found in GPAC 1.0.1. This affects the function gf_filter_pck_get_data of the file filters/reframe_latm.c of the component MP4 File Handler. Applying a patch is able to eliminate this...
Author: VulDB

GPAC 1.0.1 media_tools/av_parsers.c gf_avc_read_pps_bs_internal integer overflow

A vulnerability, which was classified as problematic, has been found in GPAC 1.0.1. Affected by this issue is the function gf_avc_read_pps_bs_internal of the file media_tools/av_parsers.c. Applying a patch is able to eliminate this problem. The...
Author: VulDB

GPAC 1.0.1 File media_tools/av_parsers.c gf_hevc_read_pps_bs_internal infinite loop

A vulnerability classified as problematic was found in GPAC 1.0.1. Affected by this vulnerability is the function gf_hevc_read_pps_bs_internal of the file media_tools/av_parsers.c of the component File Handler. Applying a patch is able to...
Author: VulDB

GPAC 1.0.1 filters/reframe_adts.c adts_dmx_process heap-based overflow

A vulnerability classified as critical has been found in GPAC 1.0.1. Affected is the function adts_dmx_process of the file filters/reframe_adts.c. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com.
Author: VulDB

GPAC 1.0.1 filter_core/filter_pck.c av1dmx_parse_flush_sample null pointer dereference

A vulnerability was found in GPAC 1.0.1. It has been rated as problematic. This issue affects the function av1dmx_parse_flush_sample of the file filter_core/filter_pck.c. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Author: VulDB

GPAC 1.0.1 media_tools/av_parsers.c hevc_parse_slice_segment integer overflow

A vulnerability was found in GPAC 1.0.1. It has been declared as problematic. This vulnerability affects the function hevc_parse_slice_segment of the file media_tools/av_parsers.c. Applying a patch is able to eliminate this problem. The bugfix is...
Author: VulDB

Exiv2 up to 0.27.3 Metadata out-of-bounds read

A vulnerability was found in Exiv2 up to 0.27.3 (Image Processing Software). It has been classified as problematic. This affects an unknown part of the component Metadata Handler. Upgrading to version 0.27.4 eliminates this vulnerability....
Author: VulDB

Exiv2 up to 0.27.3 Metadata heap-based overflow

A vulnerability was found in Exiv2 up to 0.27.3 (Image Processing Software) and classified as critical. Affected by this issue is some unknown functionality of the component Metadata Handler. Upgrading to version 0.27.4 eliminates this...
Author: VulDB

Grassroot Platform up to 1.3.0 JSON Web Token signature verification

A vulnerability has been found in Grassroot Platform up to 1.3.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component JSON Web Token Handler. Upgrading to version 1.3.1 eliminates this...
Author: VulDB

matrix-media-repo up to 1.2.6 on Matrix resource consumption

A vulnerability, which was classified as problematic, was found in matrix-media-repo up to 1.2.6 on Matrix. Affected is an unknown function. Upgrading to version 1.2.7 eliminates this vulnerability. The upgrade is hosted for download at...
Author: VulDB

Wagtail up to 2.11.6/2.12.3 Admin Interface cross site scripting

A vulnerability, which was classified as problematic, has been found in Wagtail up to 2.11.6/2.12.3. This issue affects some unknown processing of the component Admin Interface. Upgrading to version 2.11.7 or 2.12.4 eliminates this vulnerability.
Author: VulDB

GPAC 1.0.1 filter_props.c gf_props_assign_value GF_PropertyValue integer overflow

A vulnerability classified as critical was found in GPAC 1.0.1. This vulnerability affects the function gf_props_assign_value of the file filter_core/filter_props.c. Applying a patch is able to eliminate this problem. The bugfix is ready for...
Author: VulDB

JTEKT TOYOPUC denial of service [CVE-2021-27458]

A vulnerability classified as problematic has been found in JTEKT TOYOPUC (the affected version unknown). This affects an unknown code. It is possible to mitigate the problem by applying the configuration setting .
Author: VulDB

cifs-utils up to 6.12 krb5 CIFS File System privileges assignment

A vulnerability was found in cifs-utils up to 6.12. It has been rated as problematic. Affected by this issue is an unknown part of the component krb5 CIFS File System Handler. Upgrading to version 6.13 eliminates this vulnerability.
Author: VulDB

OpenClinic GA 5.173.3 getAssets.jsp serialnumber sql injection

A vulnerability was found in OpenClinic GA 5.173.3. It has been declared as critical. Affected by this vulnerability is some unknown functionality of the file getAssets.jsp. There is no information about possible countermeasures known. It may be...
Author: VulDB

OpenClinic GA 5.173.3 getAssets.jsp componentStatus sql injection

A vulnerability was found in OpenClinic GA 5.173.3. It has been classified as critical. Affected is an unknown functionality of the file getAssets.jsp. There is no information about possible countermeasures known. It may be suggested to replace...
Author: VulDB

Autodesk FBX Review FBX File use after free [CVE-2021-27031]

A vulnerability was found in Autodesk FBX Review (Feedback Software) (unknown version) and classified as critical. This issue affects an unknown function of the component FBX File Handler. There is no information about possible countermeasures...
Author: VulDB

Information systems security (SSI) events