|
246471
|
5.5 |
MEDIUM
Local
|
audiocoding
|
freeware_advanced_audio_decoder_2
|
A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-20198
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246472
|
7.8 |
HIGH
Local
|
audiocoding
|
freeware_advanced_audio_decoder_2
|
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a …
|
CWE-787
Out-of-bounds Write
|
CVE-2018-20197
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246473
|
7.8 |
HIGH
Local
|
audiocoding debian
|
freeware_advanced_audio_decoder_2 debian_linux
|
There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a d…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-20196
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246474
|
5.5 |
MEDIUM
Local
|
audiocoding
|
freeware_advanced_audio_decoder_2
|
A NULL pointer dereference was discovered in ic_predict of libfaad/ic_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-20195
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246475
|
7.8 |
HIGH
Local
|
audiocoding
|
freeware_advanced_audio_decoder_2
|
There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. A crafted input will lead to a …
|
CWE-787
Out-of-bounds Write
|
CVE-2018-20194
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246476
|
6.5 |
MEDIUM
Network
|
sass-lang
|
libsass
|
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input fi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-20190
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246477
|
6.5 |
MEDIUM
Network
|
graphicsmagick debian
|
graphicsmagick debian_linux
|
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and al…
|
CWE-20
Improper Input Validation
|
CVE-2018-20189
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246478
|
8.8 |
HIGH
Network
|
thedaylightstudio
|
fuel_cms
|
FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator account.
|
CWE-352
Origin Validation Error
|
CVE-2018-20188
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246479
|
6.5 |
MEDIUM
Network
|
axiosys
|
bento4
|
An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadData in Core/Ap4Sample.cpp allows attackers to trigger an attempted excessive memory allocation, related to AP4_DataBuffer::SetDataSize an…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-20186
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246480
|
5.3 |
MEDIUM
Network
|
graphicsmagick debian canonical
|
graphicsmagick debian_linux ubuntu_linux
|
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-20185
|
2024-11-21 13:01 |
2018-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|