CVE-2021-45911
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function. It allows an attacker to write 2 bytes outside the boundaries of the buffer.
Source: CVE-2021-45911
[월:] 2021년 12월
CVE-2021-45910
CVE-2021-45910
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and (to some extent) control over the amount of data that is written.
Source: CVE-2021-45910
CVE-2021-45909
CVE-2021-45909
An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow vulnerability in the DecodeLZW function. It allows an attacker to write a large amount of arbitrary data outside the boundaries of a buffer.
Source: CVE-2021-45909
CVE-2021-45908
CVE-2021-45908
An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a while loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted.
Source: CVE-2021-45908
CVE-2021-45907
CVE-2021-45907
An issue was discovered in gif2apng 1.9. There is a stack-based buffer overflow involving a for loop. An attacker has little influence over the data written to the stack, making it unlikely that the flow of control can be subverted.
Source: CVE-2021-45907
CVE-2021-45906
CVE-2020-21237
CVE-2020-21237
An issue in the user login box of LJCMS v1.11 allows attackers to hijack user accounts via brute force attacks.
Source: CVE-2020-21237
CVE-2021-45904
CVE-2021-45904
OpenWrt 21.02.1 allows XSS via the Port Forwards Add Name screen.
Source: CVE-2021-45904
CVE-2020-21238
CVE-2020-21238
An issue in the user login box of CSCMS v4.0 allows attackers to hijack user accounts via brute force attacks.
Source: CVE-2020-21238
CVE-2020-21236
CVE-2020-21236
A vulnerability in /damicms-master/admin.php?s=/Article/doedit of DamiCMS v6.0 allows attackers to compromise and impersonate user accounts via obtaining a user’s session cookie.
Source: CVE-2020-21236