0X20Z

Name of the Vulnerable Software and Affected Versions: PX4 PX4-Autopilot versions through 1.15.4 Description: A use-after-free issue exists in the `MavlinkReceiver::handle message serial control` function within the `src/modules/mavlink/mavlink receiver.cpp` file of the Mavlink Shell Closing Handler component. The manipulation of the ` mavlink shell` argument leads to this condition. An attack requires local access and is considered difficult to exploit. Recommendations: Apply the patch with identifier 4395d4f00c49b888f030f5b43e2a779f1fa78708 to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** DCMTK versions up to 3.6.9 **Description** A memory corruption issue was identified in the dcm2img component of the DCMTK library, specifically within the `dcmimage/include/dcmtk/dcmimage/diybrpxt.h` library file. Local access is required for exploitation. **Recommendations** Apply the patch 7ad81d69b to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** xmedcon version 0.25.0 **Description** A problem has been detected in the `malloc` function of the DICOM File Handler component, leading to an integer underflow. This issue can be exploited remotely. **Recommendations** For xmedcon version 0.25.0, update to version 0.25.1 to address this issue.

Name of the Vulnerable Software and Affected Versions: DCMTK version 3.6.9 Description: A critical vulnerability was found in the dcmjpls JPEG-LS Decoder component of DCMTK, affecting unknown code and leading to memory corruption. The attack can be initiated remotely. The manipulation with the `dcmjpls` component can cause memory corruption. Recommendations: To fix this issue, it is recommended to apply a patch, specifically the patch named `3239a7915`, to DCMTK version 3.6.9. As a temporary workaround, consider disabling the `dcmjpls` JPEG-LS Decoder component until a patch is available. Restrict access to the vulnerable component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MicroDicom DICOM Viewer version 2025.1 Build 3321 **Description** A critical issue was discovered, affecting an unknown function of the file mDicom.exe, which leads to memory corruption. The attack must be launched locally. The vendor has confirmed the issue and provided a fix in the latest beta. **Recommendations** For MicroDicom DICOM Viewer version 2025.1 Build 3321, upgrade to the latest beta version to resolve the issue.

Name of the Vulnerable Software and Affected Versions: FFmpeg versions before commit 4bf784c Description: A heap buffer overflow issue allows attackers to trigger memory corruption via a crafted media file in avformat when processing tile grid group streams, potentially leading to a Denial of Service (DoS). Recommendations: For FFmpeg versions before commit 4bf784c, update to a version that includes the fix for this issue to prevent potential memory corruption and Denial of Service (DoS) attacks.

**Name of the Vulnerable Software and Affected Versions** FFmpeg versions up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb **Description** A problematic vulnerability has been found in FFmpeg, affecting the function `audio element obu` of the file libavformat/iamf parse.c of the component IAMF File Handler. The manipulation of the argument `num parameters` leads to a memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** To fix this issue, apply a patch with the identifier 0526535cd58444dd264e810b2f3348b4d96cff3b. As a temporary workaround, consider restricting access to the vulnerable function `audio element obu` until a patch is available. Avoid using the argument `num parameters` in the affected component IAMF File Handler to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: FFmpeg versions prior to 7.1 Description: A problem has been found in the function `mov read trak` of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Recommendations: For FFmpeg versions prior to 7.1, apply a patch to fix this issue. As a temporary workaround, consider restricting access to the `mov read trak` function of the MOV Parser component until a patch is available.

Name of the Vulnerable Software and Affected Versions: FFmpeg git master before commit c08d30 Description: A NULL pointer dereference was discovered in the libavformat/mov.c component. Recommendations: For FFMpeg git master before commit c08d30, update to a version that includes the fix for this issue.

**Name of the Vulnerable Software and Affected Versions** FFmpeg versions up to 7.1 **Description** A critical vulnerability was found in FFmpeg, affecting the function `ff aac search for tns` of the file `libavcodec/aacenc tns.c` of the component AAC Encoder. The manipulation leads to a stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For FFmpeg versions up to 7.1, update to a version later than 7.1 to resolve the issue. As a temporary workaround, consider disabling the `ff aac search for tns` function until a patch is available. Restrict access to the vulnerable AAC Encoder component to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: FFmpeg git master before commit fd1772 Description: A NULL pointer dereference was discovered in the component libavformat/mov.c. This issue affects the FFmpeg git master before commit fd1772. Recommendations: For FFmpeg git master before commit fd1772, update to a version that includes the fix for the NULL pointer dereference in libavformat/mov.c. As a temporary workaround, consider restricting access to the libavformat/mov.c component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** FFmpeg versions prior to commit d5873b **Description** A memory leak exists in the `libavutil/mem.c` component of FFmpeg. This issue involves insufficient protection of service data, potentially allowing a remote attacker to disclose protected information. **Recommendations** Update to FFmpeg commit d5873b or a later version to address this memory leak.

**Name of the Vulnerable Software and Affected Versions** FFmpeg versions prior to commit d5873b **Description** The vulnerability is a memory leak in the `libavutil/iamf.c` component. Exploitation may allow a remote attacker to disclose protected information. The vulnerability can be exploited to crash media servers. **Recommendations** Update FFmpeg to version d5873b or later to address this issue.

Name of the Vulnerable Software and Affected Versions: FFmpeg git-master, N-113007-g8d24a28d06 Description: A segmentation violation was discovered in the component /libavcodec/jpeg2000dec.c. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FFmpeg git-master commit N-113007-g8d24a28d06 Description: A reachable assertion in FFmpeg allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file. Recommendations: For FFmpeg git-master commit N-113007-g8d24a28d06, consider avoiding the use of crafted AAC files until a patch is available. As a temporary workaround, restrict the opening of AAC files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.