|
247181
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted A…
|
CWE-617
Reachable Assertion
|
CVE-2018-13304
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247182
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-13303
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247183
|
8.8 |
HIGH
Network
|
ffmpeg
debian
|
ffmpeg
debian_linux
|
In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an…
|
CWE-129
Improper Validation of Array Index
|
CVE-2018-13302
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247184
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while co…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-13301
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247185
|
8.1 |
HIGH
Network
|
ffmpeg
debian
|
ffmpeg
debian_linux
|
In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read whi…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-13300
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247186
|
6.1 |
MEDIUM
Network
|
entrustdatacard
|
syntera_customization_suite
|
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13252
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247187
|
6.5 |
MEDIUM
Network
|
libming
|
libming
|
In libming 0.4.8, there is an excessive memory allocation attempt in the readBytes function of the util/read.c file, related to parseSWF_DEFINEBITSJPEG2. Remote attackers could leverage this vulnerab…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-13251
|
2024-11-21 12:46 |
2018-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247188
|
6.5 |
MEDIUM
Network
|
libming
|
libming
|
libming 0.4.8 has a NULL pointer dereference in the getString function of the decompile.c file, related to decompileSTRINGCONCAT. Remote attackers could leverage this vulnerability to cause a denial …
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-13250
|
2024-11-21 12:46 |
2018-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247189
|
7.5 |
HIGH
Network
|
gsi_project
|
gsi
|
The sell function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13233
|
2024-11-21 12:46 |
2018-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247190
|
7.5 |
HIGH
Network
|
entercoin_project
|
entercoin
|
The sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently re…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13232
|
2024-11-21 12:46 |
2018-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
