CVE-2019-16352
ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load() at jfif.c.
Source: CVE-2019-16352
[월:] 2019년 09월
CVE-2019-16349
CVE-2019-16349
Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.
Source: CVE-2019-16349
CVE-2019-16351
CVE-2019-16351
ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_decode_step() at huffman.c.
Source: CVE-2019-16351
CVE-2018-21016
CVE-2018-21016
audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
Source: CVE-2018-21016
CVE-2018-21015
CVE-2018-21015
AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL.
Source: CVE-2018-21015
CVE-2019-16348
CVE-2019-16348
marc-q libwav through 2019-08-15 has a NULL pointer dereference in gain_file() at wav_gain.c.
Source: CVE-2019-16348
CVE-2019-16347
CVE-2019-16347
ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngiflib.c when called from DecodeGifImg, because deinterlacing for small pictures is mishandled.
Source: CVE-2019-16347
CVE-2016-10969
CVE-2016-10969
The supportflow plugin before 0.7 for WordPress has XSS via a discussion ticket title.
Source: CVE-2016-10969
CVE-2016-10971
CVE-2016-10971
The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required.
Source: CVE-2016-10971
CVE-2019-16197
CVE-2019-16197
In htdocs/societe/card.php in Dolibarr 10.0.1, the value of the User-Agent HTTP header is copied into the HTML document as plain text between tags, leading to XSS.
Source: CVE-2019-16197