
CVE-2020-22041
https://notcve.org/view.php?id=CVE-2020-22041
01 Jun 2021 — A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_buffersrc_add_frame_flags function in buffersrc. • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-401: Missing Release of Memory after Effective Lifetime

CVE-2020-22037 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22037
01 Jun 2021 — A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c. It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 ... • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-401: Missing Release of Memory after Effective Lifetime

CVE-2020-22036 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22036
01 Jun 2021 — A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corruption and other potential consequences. Several vulnerabilities have been discovered in the FFmpeg multim... • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-787: Out-of-bounds Write

CVE-2021-3516 – libxml2: Use-after-free in xmlEncodeEntitiesInternal() in entities.c
https://notcve.org/view.php?id=CVE-2021-3516
01 Jun 2021 — There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1954225 • CWE-416: Use After Free

CVE-2021-29505 – XStream is vulnerable to a Remote Command Execution attack
https://notcve.org/view.php?id=CVE-2021-29505
28 May 2021 — XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker who has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user who followed the recommendation to set up XStream's security framework with a whitelist limited to the minimal required types is affected. The vulnerability is patched in version 1.4.17. • https://github.com/MyBlackManba/CVE-2021-29505 • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-502: Deserialization of Untrusted Data

CVE-2021-33620 – squid: denial of service in HTTP response processing
https://notcve.org/view.php?id=CVE-2021-33620
28 May 2021 — Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause a denial of service (affecting availability to all clients) via an HTTP response. The issue trigger is a header that can be expected to exist in HTTP traffic without any malicious intent by the server. • http://seclists.org/fulldisclosure/2023/Oct/14 • CWE-20: Improper Input Validation

CVE-2020-22032 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22032
27 May 2021 — A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory corruption and other potential consequences. It was discovered that FFmpeg would attempt to divide b... • https://cwe.mitre.org/data/definitions/122.html • CWE-787: Out-of-bounds Write

CVE-2020-22016 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22016
27 May 2021 — A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files, which might lead to memory corruption and other potential consequences. It was discovered that FFmpeg would attempt to divide by zero when using Linear... • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-787: Out-of-bounds Write

CVE-2020-22022 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22022
27 May 2021 — A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_fieldorder.c, which might lead to memory corruption and other potential consequences. Several vulnerabilities have been discovered in the FF... • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-787: Out-of-bounds Write

CVE-2020-22023 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22023
27 May 2021 — A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences. It was discovered that FFmpeg would attempt to d... • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-787: Out-of-bounds Write