» 2021 » 4월

CVE-2020-23932

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2020-23932

An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker to cause Denial of Service.

Source: CVE-2020-23932

CVE-2020-23907

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2020-23907

An issue was discovered in retdec v3.3. In function canSplitFunctionOn() of ir_modifications.cpp, there is a possible out of bounds read due to a heap buffer overflow. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution.

Source: CVE-2020-23907

CVE-2021-28167

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2021-28167

In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect.ConstantPool API causes the JVM in some cases to pre-resolve certain constant pool entries. This allows a user to call static methods or access static members without running the class initialization method, and may allow a user to observe uninitialized values.

Source: CVE-2021-28167

CVE-2020-35980

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2020-35980

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c.

Source: CVE-2020-35980

CVE-2021-31329

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2021-31329

Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Chat" and "Personal Address" field on staff/register.php

Source: CVE-2021-31329

CVE-2021-31327

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2021-31327

Store XSS in Remote Clinic v2.0 in /medicines due to Medicine Name Field.

Source: CVE-2021-31327

CVE-2020-35981

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2020-35981

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c.

Source: CVE-2020-35981

CVE-2021-30139

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2021-30139

In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a buffer overflow and crash.

Source: CVE-2021-30139

CVE-2020-35979

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2020-35979

An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c.

Source: CVE-2020-35979

CVE-2021-30031

Posted on 2021년 4월 22일2021년 4월 22일 by admin

CVE-2021-30031

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Source: CVE-2021-30031