|
221621
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_isom_box_del() in isomedia/box_funcs.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-20164
|
2024-11-21 13:38 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221622
|
5.5 |
MEDIUM
Local
|
gpac
debian
|
gpac
debian_linux
|
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gf_odf_avc_cfg_write_bs() in odf/descriptors.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2019-20163
|
2024-11-21 13:38 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221623
|
5.5 |
MEDIUM
Local
|
gpac
debian
|
gpac
debian_linux
|
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function gf_isom_box_parse_ex() in isomedia/box_funcs.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-20162
|
2024-11-21 13:38 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221624
|
5.5 |
MEDIUM
Local
|
gpac
debian
|
gpac
debian_linux
|
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is heap-based buffer overflow in the function ReadGF_IPMPX_WatermarkingInit() in odf/ipmpx_code.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-20161
|
2024-11-21 13:38 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221625
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a stack-based buffer overflow in the function av1_parse_tile_group() in media_tools/av_parsers.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-20160
|
2024-11-21 13:38 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221626
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a memory leak in dinf_New() in isomedia/box_code_base.c.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2019-20159
|
2024-11-21 13:38 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221627
|
7.5 |
HIGH
Network
|
kind-of_project
|
kind-of
|
ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafte…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2019-20149
|
2024-11-21 13:38 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221628
|
6.1 |
MEDIUM
Network
|
laborator
|
neon
|
An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20141
|
2024-11-21 13:38 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221629
|
5.4 |
MEDIUM
Network
|
nagios
|
nagios_xi
|
In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parameter, or the schedulereport.php hour or frequency parameter. Any authenticated user can attack the admin …
|
CWE-79
Cross-site Scripting
|
CVE-2019-20139
|
2024-11-21 13:38 |
2019-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
221630
|
7.5 |
HIGH
Network
|
http_authentication_library_project
|
http_authentication_library
|
The HTTP Authentication library before 2019-12-27 for Nim has weak password hashing because the default algorithm for libsodium's crypto_pwhash_str is not used.
|
CWE-327
CWE-916
Use of a Broken or Risky Cryptographic Algorithm
Use of Password Hash With Insufficient Computational Effort
|
CVE-2019-20138
|
2024-11-21 13:38 |
2019-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
