CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2020-22025 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22025
27 May 2021 — A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences. Se presenta una vulnerabilidad de Desbordamiento del Búfer en la región stack de la memoria en la función gaussian_blur, en la biblioteca libavfilter/vf_edgedetect.c, que podría conllevar a una corrupción en la memoria y otras potenciales consecuencias Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which c... • https://cwe.mitre.org/data/definitions/122.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2020-22031 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22031
27 May 2021 — A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in filter16_complex_low, which might lead to memory corruption and other potential consequences. Se presenta una vulnerabilidad de Desbordamiento del Búfer en la región Heap de la memoria en FFmpeg versión 4.2, en la biblioteca libavfilter/vf_w3fdif.c en la función filter16_complex_low, que podría conllevar a una corrupción en la memoria y otras potenciales consecuencias Several vulnerabilities have been discovered in... • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 57EXPL: 1CVE-2021-25217 – A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient
https://notcve.org/view.php?id=CVE-2021-25217
26 May 2021 — In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component b... • http://www.openwall.com/lists/oss-security/2021/05/26/6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 1CVE-2021-3561 – Ubuntu Security Notice USN-5864-1
https://notcve.org/view.php?id=CVE-2021-3561
26 May 2021 — An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. Se encontró un fallo Fuera de Límites en fig2dev versión 3.2.8a. Una comprobación de límites fallida en la función read_objects() podría permitir a un atacante proporcionar una ... • https://bugzilla.redhat.com/show_bug.cgi?id=1955675 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-20196 – QEMU: block: fdc: null pointer dereference may lead to guest crash
https://notcve.org/view.php?id=CVE-2021-20196
26 May 2021 — A NULL pointer dereference flaw was found in the floppy disk emulator of QEMU. This issue occurs while processing read/write ioport commands if the selected floppy drive is not initialized with a block device. This flaw allows a privileged guest user to crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo de desreferencia de puntero NULL en el emulador floppy disk de QEMU. • https://bugs.launchpad.net/qemu/+bug/1912780 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-3527 – Ubuntu Security Notice USN-5010-1
https://notcve.org/view.php?id=CVE-2021-3527
26 May 2021 — A flaw was found in the USB redirector device (usb-redir) of QEMU. Small USB packets are combined into a single, large transfer request, to reduce the overhead and improve performance. The combined size of the bulk transfer is used to dynamically allocate a variable length array (VLA) on the stack without proper validation. Since the total size is not bounded, a malicious guest could use this flaw to influence the array length and cause the QEMU process to perform an excessive allocation on the stack, resul... • https://bugzilla.redhat.com/show_bug.cgi?id=1955695 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-22028 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22028
26 May 2021 — Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote Denial of Service. Se presenta una vulnerabilidad de Desbordamiento del Búfer en FFmpeg versión 4.2 en la función filter_vertically_8 en el archivo libavfilter/vf_avgblur.c, que podría causar una Denegación de Servicio remota Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arb... • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-22026 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22026
26 May 2021 — Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at libavfilter/af_tremolo.c, which could let a remote malicious user cause a Denial of Service. Se presenta una vulnerabilidad de Desbordamiento del Búfer en FFmpeg versión 4.2, en la función config_input en el archivo libavfilter/af_tremolo.c, que podría permitir a un usuario malicioso remoto causar una Denegación de Servicio It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AA... • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-22021 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22021
26 May 2021 — Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service. Una vulnerabilidad de Desbordamiento del Búfer en FFmpeg versión 4.2 en la función filter_edges del archivo libavfilter/vf_yadif.c, que podría permitir a un usuario malicioso remoto causar una Denegación de Servicio It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AAC codecs. An attacker could po... • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-22020 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22020
26 May 2021 — Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service. Una vulnerabilidad de Desbordamiento del Búfer en FFmpeg versión 4.2 en la función build_diff_map del archivo libavfilter/vf_fieldmatch.c, que podría permitir a un usuario malicioso remoto causar una Denegación de Servicio Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of se... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=ce5274c1385d55892a692998923802023526b765 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •