16 results (0.008 seconds)

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2023-52339

https://notcve.org/view.php?id=CVE-2023-52339

In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows. En libebml anterior a 1.4.5, puede ocurrir un desbordamiento de enteros en MemIOCallback.cpp al leer o escribir. Puede provocar desbordamientos de búfer. • https://github.com/Matroska-Org/libebml/blob/v1.x/NEWS.md https://github.com/Matroska-Org/libebml/compare/release-1.4.4...release-1.4.5 https://github.com/Matroska-Org/libebml/issues/147 https://github.com/Matroska-Org/libebml/pull/148 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BJUXVOIRWPP7OFYUKQZDNJTSLWCPIZBH https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XNANFT4P6KL4WDQ3TV6QQ44NSC7WKLAB • CWE-190: Integer Overflow or Wraparound •

CVSS: 6.5EPSS: 1%CPEs: 5EXPL: 1

CVE-2021-3405

https://notcve.org/view.php?id=CVE-2021-3405

A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml. Se encontró un fallo en libebml versiones anteriores a 1.4.2. Se presenta un error de desbordamiento de la pila en la implementación de las funciones EbmlString::ReadData y EbmlUnicodeString::ReadData en libebml • https://github.com/Matroska-Org/libebml/issues/74 https://lists.debian.org/debian-lts-announce/2021/04/msg00016.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JNHQI6MDOECJ2HT5GCLEX2DMJFEOWPW7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UHIIMWZKHHELFF4NRDMOOCS3HKK3K4DF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YY7R2JZRO5I6WS62KTJFTZGKYELVFTVB https://security.gentoo.org/glsa/202208-21 • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 2

CVE-2017-12801 – mkvalidator 0.5.1 Denial Of Service

https://notcve.org/view.php?id=CVE-2017-12801

The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. La función UpdateDataSize en ebmlmaster.c en libebml2 hasta 2012-08-26 permite que atacantes remotos provoquen una denegación de servicio (fallo de aserción) mediante un archivo mkv manipulado. mkvalidator version 0.5.1 suffers from multiple denial of service vulnerabilities leveraging libebml2 and mkclean. • http://packetstormsecurity.com/files/144902/mkvalidator-0.5.1-Denial-Of-Service.html http://seclists.org/fulldisclosure/2017/Nov/19 https://github.com/Matroska-Org/foundation-source/issues/24 • CWE-20: Improper Input Validation •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-12803 – mkvalidator 0.5.1 Denial Of Service

https://notcve.org/view.php?id=CVE-2017-12803

The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. La función Node_ValidatePtr en corec/corec/node/node.c en mkclean 0.8.9 permite que atacantes remotos provoquen una denegación de servicio (fallo de aserción) mediante un archivo mkv manipulado. mkvalidator version 0.5.1 suffers from multiple denial of service vulnerabilities leveraging libebml2 and mkclean. • http://packetstormsecurity.com/files/144902/mkvalidator-0.5.1-Denial-Of-Service.html http://seclists.org/fulldisclosure/2017/Nov/19 https://github.com/Matroska-Org/foundation-source/issues/24 • CWE-476: NULL Pointer Dereference •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-12779 – mkvalidator 0.5.1 Denial Of Service

https://notcve.org/view.php?id=CVE-2017-12779

The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. La función Node_GetData en corec/corec/node/node.c en mkvalidator 0.5.1 permite que atacantes remotos provoquen una denegación de servicio (desreferencia de puntero NULL y cierre inesperado de la aplicación) mediante un archivo mkv manipulado. mkvalidator version 0.5.1 suffers from multiple denial of service vulnerabilities leveraging libebml2 and mkclean. • http://packetstormsecurity.com/files/144902/mkvalidator-0.5.1-Denial-Of-Service.html http://seclists.org/fulldisclosure/2017/Nov/19 https://github.com/Matroska-Org/foundation-source/issues/24 • CWE-476: NULL Pointer Dereference •