CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2023-50186 – GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-50186
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. ... An attacker can leverage this vulnerability to execute code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. ... An attacker can leverage this vulnerability to execute code in the context of the current process. • https://gstreamer.freedesktop.org/security/sa-2023-0011.html https://www.zerodayinitiative.com/advisories/ZDI-24-368 https://access.redhat.com/security/cve/CVE-2023-50186 https://bugzilla.redhat.com/show_bug.cgi?id=2255639 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •
CVSS: 7.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-22905
https://notcve.org/view.php?id=CVE-2024-22905
Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function. • https://github.com/ARMmbed/mbed-os/blob/7c7d20da6527885237094d9d50ce099404414201/connectivity/FEATURE_BLE/source/cordio/stack_adaptation/hci_tr.c#L125 https://github.com/ARMmbed/mbed-os/blob/7c7d20da6527885237094d9d50ce099404414201/connectivity/FEATURE_BLE/source/cordio/stack_adaptation/hci_tr.c#L173-L175 https://github.com/ARMmbed/mbed-os/issues/15462 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0CVE-2023-51795
https://notcve.org/view.php?id=CVE-2023-51795
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través del componente libavfilter/avf_showspectrum.c:1789:52 en showspectrumpic_request_frame • https://ffmpeg.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY https://trac.ffmpeg.org/ticket/10749 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-32392
https://notcve.org/view.php?id=CVE-2024-32392
Cross Site Scripting vulnerability in CmSimple v.5.15 allows a remote attacker to execute arbitrary code via the functions.php component. • https://github.com/Hebing123/cve/issues/33 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-51791
https://notcve.org/view.php?id=CVE-2023-51791
Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map. • https://ffmpeg.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY https://trac.ffmpeg.org/ticket/10738 • CWE-121: Stack-based Buffer Overflow CWE-125: Out-of-bounds Read •