CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38857 – Ubuntu Security Notice USN-6313-1
https://notcve.org/view.php?id=CVE-2023-38857
15 Aug 2023 — Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c. La vulnerabilidad de desbordamiento del búfer infaad2 v.2.10.1 permite a un atacante remoto ejecutar código arbitrario y provocar una denegación de servicio a través de la función stcoin en mp4read.c. It was discovered that FAAD2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted i... • https://github.com/knik0/faad2/issues/171 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-38858 – Gentoo Linux Security Advisory 202401-13
https://notcve.org/view.php?id=CVE-2023-38858
15 Aug 2023 — Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039. La vulnerabilidad de desbordamiento del búfer infaad2 v.2.10.1 permite a un atacante remoto ejecutar código arbitrario y provocar una denegación de servicio a través de la función mp4info en mp4read.c:1039. Multiple denial of service vulnerabilities have been found in FAAD2. Versions greater than or equal to 2.11.0 are affected. • https://github.com/knik0/faad2/issues/173 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-32272 – Ubuntu Security Notice USN-6313-1
https://notcve.org/view.php?id=CVE-2021-32272
20 Sep 2021 — An issue was discovered in faad2 before 2.10.0. A heap-buffer-overflow exists in the function stszin located in mp4read.c. It allows an attacker to cause Code Execution. Se ha detectado un problema en faad2 anterior a la versión 2.10.0. Se presenta un desbordamiento del búfer de la pila en la función stszin ubicada en el archivo mp4read.c. • https://github.com/knik0/faad2/commit/1b71a6ba963d131375f5e489b3b25e36f19f3f24 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-32274 – Debian Security Advisory 5109-1
https://notcve.org/view.php?id=CVE-2021-32274
20 Sep 2021 — An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It allows an attacker to cause code Execution. Se ha detectado un problema en faad2 versiones hasta 2.10.0. Se presenta un desbordamiento del búfer de la pila en la función sbr_qmf_synthesis_64 ubicada en el archivo sbr_qmf.c. • https://github.com/knik0/faad2/issues/60 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2021-32276 – Ubuntu Security Notice USN-6313-1
https://notcve.org/view.php?id=CVE-2021-32276
20 Sep 2021 — An issue was discovered in faad2 through 2.10.0. A NULL pointer dereference exists in the function get_sample() located in output.c. It allows an attacker to cause Denial of Service. Se ha detectado un problema en faad2 versiones hasta 2.10.0. Se presenta una desreferencia del puntero NULL en la función get_sample() ubicada en el archivo output.c. • https://github.com/knik0/faad2/issues/58 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-32277 – Ubuntu Security Notice USN-6313-1
https://notcve.org/view.php?id=CVE-2021-32277
20 Sep 2021 — An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It allows an attacker to cause code Execution. Se ha detectado un problema en faad2 versiones hasta 2.10.0. Se presenta un desbordamiento del búfer de la pila en la función sbr_qmf_analysis_32 ubicada en el archivo sbr_qmf.c. • https://github.com/knik0/faad2/issues/59 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2021-32273 – Debian Security Advisory 5109-1
https://notcve.org/view.php?id=CVE-2021-32273
20 Sep 2021 — An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It allows an attacker to cause Code Execution. Se ha detectado un problema en faad2 versiones hasta 2.10.0. Se presenta un desbordamiento del búfer de pila en la función ftypin ubicada en el archivo mp4read.c. • https://github.com/knik0/faad2/issues/56 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-32278 – Ubuntu Security Notice USN-6313-1
https://notcve.org/view.php?id=CVE-2021-32278
20 Sep 2021 — An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function lt_prediction located in lt_predict.c. It allows an attacker to cause code Execution. Se ha detectado un problema en faad2 versiones hasta 2.10.0. Se presenta un desbordamiento del búfer de la pila en la función lt_prediction ubicada en el archivo lt_predict.c. • https://github.com/knik0/faad2/issues/62 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 1%CPEs: 8EXPL: 0CVE-2021-26567
https://notcve.org/view.php?id=CVE-2021-26567
26 Feb 2021 — Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allow local attackers to execute arbitrary code via filename and pathname options. La vulnerabilidad de desbordamiento de búfer basada en la pila en frontend/main.c en faad2 versiones anteriores a 2.2.7.1 permite a los atacantes locales ejecutar código arbitrario a través de las opciones de nombre de archivo y ruta. • https://github.com/knik0/faad2/commit/720f7004d6c4aabee19aad16e7c456ed76a3ebfa • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •