CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2021-21837 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21837
18 Aug 2021 — Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2CVE-2021-21844 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21844
18 Aug 2021 — Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when encountering an atom using the “stco” FOURCC code, can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2CVE-2021-21843 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21843
18 Aug 2021 — Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. ... On a 32-bit platform, this multiplication can result in an integer overflow causing the space of the array being allocated to be less than expect... • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2CVE-2021-21846 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21846
18 Aug 2021 — Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stsz” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2CVE-2021-21845 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21845
18 Aug 2021 — Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stsc” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 2CVE-2021-21847 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21847
18 Aug 2021 — Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stts” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-21851 – Gentoo Linux Security Advisory 202408-21
https://notcve.org/view.php?id=CVE-2021-21851
18 Aug 2021 — Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “csgp” decoder sample group description indices can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2021-21852 – Debian Security Advisory 5411-1
https://notcve.org/view.php?id=CVE-2021-21852
18 Aug 2021 — Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1297 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-21832
https://notcve.org/view.php?id=CVE-2021-21832
17 Aug 2021 — A memory corruption vulnerability exists in the ISO Parsing functionality of Disc Soft Ltd Deamon Tools Pro 8.3.0.0767. A specially crafted malformed file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. Existe una vulnerabilidad de corrupción de memoria en la funcionalidad de análisis de ISO de Disc Soft Ltd Deamon Tools Pro versión 8.3.0.0767. Un archivo malformado especialmente diseñado puede llevar a una escritura fuera de límites. • https://talosintelligence.com/vulnerability_reports/TALOS-2021-1295 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-22156
https://notcve.org/view.php?id=CVE-2021-22156
17 Aug 2021 — An integer overflow vulnerability in the calloc() function of the C runtime library of affected versions of BlackBerry® QNX Software Development Platform (SDP) version(s) 6.5.0SP1 and earlier, QNX OS for Medical 1.1 and earlier, and QNX OS for Safety 1.0.1 and earlier that could allow an attacker to potentially perform a denial of service or execute arbitrary code. • https://support.blackberry.com/kb/articleDetail?articleNumber=000082334 • CWE-190: Integer Overflow or Wraparound •