Security
Headlines
HeadlinesLatestCVEs

Tag

#c++

CVE-2022-43244: Heap-buffer-overflow in fallback-motion.cc: in void put_qpel_fallback<unsigned short> · Issue #342 · strukturag/libde265

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file.

CVE
Open in Source
#vulnerability#ubuntu#linux#dos#git#c++#chrome
CVE-2021-37789: heap-buffer-overflow in stbi__jpeg_load · Issue #1178 · nothings/stb

stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service.

CVE-2022-3817: Some Memory leaks exist in mp4xx · Issue #792 · axiomatic-systems/Bento4

A vulnerability has been found in Axiomatic Bento4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component mp4mux. The manipulation leads to memory leak. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212683.

CVE-2022-43752: .:: Phrack Magazine ::.

** UNSUPPORTED WHEN ASSIGNED ** Oracle Solaris version 10 1/13, when using the Common Desktop Environment (CDE), is vulnerable to a privilege escalation vulnerability. A low privileged user can escalate to root by crafting a malicious printer and double clicking on the the crafted printer's icon.

CVE-2022-3785: A heap-buffer-overflow in Avcinfo · Issue #780 · axiomatic-systems/Bento4

A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212564.

CVE-2022-3784: Heap overflow in mp4hls, ReadBits, Ap4Mp4AudioInfo.cpp:66 · Issue #806 · axiomatic-systems/Bento4

A vulnerability classified as critical was found in Axiomatic Bento4 5e7bb34. Affected by this vulnerability is the function AP4_Mp4AudioDsiParser::ReadBits of the file Ap4Mp4AudioInfo.cpp of the component mp4hls. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212563.

CVE-2022-43148: Some crashes occur when fuzzing rtf2html. · Issue #11 · lvu/rtf2html

rtf2html v0.2.0 was discovered to contain a heap overflow in the component /rtf2html/./rtf_tools.h.

CVE-2022-43151: Detected memory leaks 16 byte(s) leaked in 2 allocation(s) · Issue #92 · hzeller/timg

timg v1.4.4 was discovered to contain a memory leak via the function timg::QueryBackgroundColor() at /timg/src/term-query.cc.

CVE-2022-43280: Out-of-bound read in OnReturnCallExpr->GetReturnCallDropKeepCount · Issue #1982 · WebAssembly/wabt

wasm-interp v1.0.29 was discovered to contain an out-of-bounds read via the component OnReturnCallExpr->GetReturnCallDropKeepCount.

CVE-2022-43281: heap overflow in wasm-interp · Issue #1981 · WebAssembly/wabt

wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector<wabt::Type, std::allocator<wabt::Type>>::size() at /bits/stl_vector.h.