CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47606 – GHSL-2024-166: GStreamer Integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes
https://notcve.org/view.php?id=CVE-2024-47606
11 Dec 2024 — An integer underflow has been detected in the function qtdemux_parse_theora_extension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a large unintended value when cast to an unsigned integer. This 32-bit negative value is then cast to a 64-bit unsigned integer (0xfffffffffffffffa) in a subsequent call to gst_buffer_new_and_alloc. ... Processing a specially crafted input file can cause an integer
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47546 – GHSL-2024-243: GStreamer has an integer underflow in extract_cc_from_data leading to OOB-read
https://notcve.org/view.php?id=CVE-2024-47546
11 Dec 2024 — An integer underflow has been detected in extract_cc_from_data function within qtdemux.c. In the FOURCC_c708 case, the subtraction atom_length - 8 may result in an underflow if atom_length is less than 8. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47545 – GHSL-2024-242: GStreamer has an integer underflow in FOURCC_strf parsing leading to OOB-read
https://notcve.org/view.php?id=CVE-2024-47545
11 Dec 2024 — An integer underflow has been detected in qtdemux_parse_trak function within qtdemux.c. During the strf parsing case, the subtraction size -= 40 can lead to a negative integer overflow if it is less than 40. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47537 – GHSL-2024-094: GStreamer has an OOB-write in isomp4/qtdemux.c
https://notcve.org/view.php?id=CVE-2024-47537
11 Dec 2024 — And if this value is big enough, this can lead to an integer overflow during the addition. ... An integer overflow in the MP4/MOV demuxer's sample table parser can lead to out-of-bounds writes and NULL-pointer dereferences for certain input files. ... Issues addressed include integer overflow, null pointer, and out of bounds write vulnerabilities. • https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8059.patch • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53955 – Bridge | Integer Underflow (Wrap or Wraparound) (CWE-191)
https://notcve.org/view.php?id=CVE-2024-53955
10 Dec 2024 — Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb24-103.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52985 – Animate | Integer Underflow (Wrap or Wraparound) (CWE-191)
https://notcve.org/view.php?id=CVE-2024-52985
10 Dec 2024 — Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-96.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52987 – Animate | Integer Underflow (Wrap or Wraparound) (CWE-191)
https://notcve.org/view.php?id=CVE-2024-52987
10 Dec 2024 — Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-96.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52989 – Animate | Integer Underflow (Wrap or Wraparound) (CWE-191)
https://notcve.org/view.php?id=CVE-2024-52989
10 Dec 2024 — Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-96.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53954 – Animate | Integer Underflow (Wrap or Wraparound) (CWE-191)
https://notcve.org/view.php?id=CVE-2024-53954
10 Dec 2024 — Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-96.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52983 – Animate | Integer Overflow or Wraparound (CWE-190)
https://notcve.org/view.php?id=CVE-2024-52983
10 Dec 2024 — Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb24-96.html • CWE-190: Integer Overflow or Wraparound •