CVE-2020-23330

An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Stz2Atom::GetSampleSize component located in /Core/Ap4Stz2Atom.cpp. It allows an attacker to cause a denial of service (DOS).

Source: CVE-2020-23330

CVE-2020-23333

A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This can lead to a denial of service (DOS).

Source: CVE-2020-23333

CVE-2020-23334

A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault.

Source: CVE-2020-23334

CVE-2020-23332

A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS).

Source: CVE-2020-23332

CVE-2020-23331

An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_DecoderConfigDescriptor::WriteFields component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).

Source: CVE-2020-23331

CVE-2021-39248

Open edX through Lilac.1 allows XSS in common/static/common/js/discussion/utils.js via crafted LaTeX content within a discussion.

Source: CVE-2021-39248

CVE-2021-39247

Zint Barcode Generator before 2.10.0 has a one-byte buffer over-read, related to is_last_single_ascii in code1.c, and rs_encode_uint in reedsol.c.

Source: CVE-2021-39247

CVE-2021-29988

Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.13, Thunderbird < 91, Firefox ESR < 78.13, and Firefox < 91.

Source: CVE-2021-29988

CVE-2021-38702

Cyberoam NetGenie C0101B1-20141120-NG11VO devices through 2021-08-14 allow tweb/ft.php?u=[XSS] attacks.

Source: CVE-2021-38702

CVE-2021-29990

Mozilla developers and community members reported memory safety bugs present in Firefox 90. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 91.

Source: CVE-2021-29990