CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-2024-34088
https://notcve.org/view.php?id=CVE-2024-34088
30 Apr 2024 — In FRRouting (FRR) through 9.1, it is possible for the get_edge() function in ospf_te.c in the OSPF daemon to return a NULL pointer. In cases where calling functions do not handle the returned NULL value, the OSPF daemon crashes, leading to denial of service. En FRRouting (FRR) hasta 9.1, es posible que la función get_edge() en ospf_te.c en el demonio OSPF devuelva un puntero NULL. En los casos en que las funciones de llamada no manejan el valor NULL devuelto, el daemon OSPF falla, lo que lleva a la denegac... • https://github.com/FRRouting/frr/pull/15674/commits/34d704fb0ea60dc5063af477a2c11d4884984d4f • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2024-33899 – Ubuntu Security Notice USN-7350-1
https://notcve.org/view.php?id=CVE-2024-33899
28 Apr 2024 — RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences. RARLAB WinRAR anterior a 7.00, en plataformas Linux y UNIX, permite a los atacantes falsificar la salida de la pantalla o provocar una denegación de servicio mediante secuencias de escape ANSI. It was discovered that UnRAR incorrectly handled certain paths. If a user or automated system were tricked into extracting a specially crafted RAR archive, a re... • https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983 • CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences •
CVSS: 5.5EPSS: 0%CPEs: 11EXPL: 0CVE-2023-52722 – Ubuntu Security Notice USN-6835-1
https://notcve.org/view.php?id=CVE-2023-52722
27 Apr 2024 — An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used, allows eexec seeds other than the Type 1 standard. Se descubrió un problema en Artifex Ghostscript hasta la versión 10.01.0. psi/zmisc1.c, cuando se utiliza el modo MÁS SEGURO, permite semillas eexec distintas al estándar Tipo 1. It was discovered that Ghostscript did not properly restrict eexec seeds to those specified by the Type 1 Font Format standard when SAFER mode is used. An attacker could use this i... • http://www.openwall.com/lists/oss-security/2024/06/28/2 •
CVSS: 8.5EPSS: 0%CPEs: 14EXPL: 0CVE-2023-51794 – Debian Security Advisory 5721-1
https://notcve.org/view.php?id=CVE-2023-51794
26 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través de libavfilter/af_stereowiden.c:120:69. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a... • https://trac.ffmpeg.org/ticket/10746 • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-31755 – cjson: segmentation violation trigger through the second parameter of function cJSON_SetValuestring at cJSON.c
https://notcve.org/view.php?id=CVE-2024-31755
26 Apr 2024 — cJSON v1.7.17 was discovered to contain a segmentation violation, which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. Se descubrió que cJSON v1.7.17 contiene una infracción de segmentación, que puede activarse a través del segundo parámetro de la función cJSON_SetValuestring en cJSON.c. A flaw was found in cJSON. This issue contains a segmentation violation, which can trigger through the second parameter of the cJSON_SetValuestring function at cJSON.c. It was discover... • https://github.com/DaveGamble/cJSON/issues/839 • CWE-476: NULL Pointer Dereference CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-50008 – Ubuntu Security Notice USN-6803-1
https://notcve.org/view.php?id=CVE-2023-50008
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the av_malloc function in libavutil/mem.c:105:9 component. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.n6.1-3-g466799d4f5 permite a un atacante local ejecutar código arbitrario a través de la función av_malloc en el componente libavutil/mem.c:105:9. FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:10... • https://github.com/FFmpeg/FFmpeg/commit/5f87a68cf70dafeab2fb89b42e41a4c29053b89b • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-51795 – Debian Security Advisory 5712-1
https://notcve.org/view.php?id=CVE-2023-51795
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través del componente libavfilter/avf_showspectrum.c:1789:52 en showspectrumpic_request_frame Several vulnerabilities have been discovered in the FFmpeg multimedia framework, whic... • https://ffmpeg.org • CWE-122: Heap-based Buffer Overflow •
CVSS: 5.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-51796
https://notcve.org/view.php?id=CVE-2023-51796
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través de libavfilter/f_reverse.c:269:26 en areverse_request_frame. • https://ffmpeg.org • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-51798 – Debian Security Advisory 5721-1
https://notcve.org/view.php?id=CVE-2023-51798
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través de un error de excepción de punto flotante (FPE) en libavfilter/vf_minterpolate.c:1078:60 en interpolación. Several vulnerabilities have been discovered in the FF... • https://ffmpeg.org • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-49501 – Ubuntu Security Notice USN-6803-1
https://notcve.org/view.php?id=CVE-2023-49501
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.n6.1-3-g466799d4f5 permite a un atacante local ejecutar código arbitrario a través de la función config_eq_output en el componente libavfilter/asrc_afirsrc.c:495:30. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. ... • https://github.com/FFmpeg/FFmpeg • CWE-122: Heap-based Buffer Overflow •