|
210811
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-22679
|
2024-11-21 14:13 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210812
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted inp…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-22678
|
2024-11-21 14:13 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210813
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-22677
|
2024-11-21 14:13 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210814
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-22675
|
2024-11-21 14:13 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210815
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafte…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-22674
|
2024-11-21 14:13 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210816
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-22673
|
2024-11-21 14:13 |
2021-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210817
|
9.8 |
CRITICAL
Network
|
ardour
|
ardour
|
Ardour v5.12 contains a use-after-free vulnerability in the component ardour/libs/pbd/xml++.cc when using xmlFreeDoc and xmlXPathFreeContext.
|
CWE-416
Use After Free
|
CVE-2020-22617
|
2024-11-21 14:13 |
2021-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210818
|
5.4 |
MEDIUM
Network
|
cmsmadesimple
|
cms_made_simple
|
CMS Made Simple 2.2.14 was discovered to contain a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Field Definiti…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23481
|
2024-11-21 14:13 |
2021-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210819
|
7.5 |
HIGH
Network
|
leoeditor
|
leo
|
Leo Editor v6.2.1 was discovered to contain a regular expression denial of service (ReDoS) vulnerability in the component plugins/importers/dart.py.
|
CWE-697
Incorrect Comparison
|
CVE-2020-23478
|
2024-11-21 14:13 |
2021-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210820
|
7.5 |
HIGH
Network
|
gmate_project
|
gmate
|
gmate v0.12+bionic contains a regular expression denial of service (ReDoS) vulnerability in the gedit3 plugin.
|
NVD-CWE-noinfo
|
CVE-2020-23469
|
2024-11-21 14:13 |
2021-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
