Aurorainfinity

**Name of the Vulnerable Software and Affected Versions** jerryscript version 2.3.0 **Description** An issue in ecma-helpers.c allows local attackers to cause a denial of service (DoS) due to a Null Pointer Dereference. This issue enables local attackers to potentially disrupt service availability. **Recommendations** For jerryscript version 2.3.0, update to a version that fixes the Null Pointer Dereference issue in ecma-helpers.c to prevent local attackers from causing a denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: pdf2xml version 2.0 Description: A heap-buffer overflow was discovered in the `TextPage::dump()` function. This issue may allow for potential exploitation. Recommendations: For pdf2xml version 2.0, consider disabling the `TextPage::dump()` function as a temporary workaround until a patch is available.

Name of the Vulnerable Software and Affected Versions: pdf2xml version 2.0 Description: A heap-buffer overflow was discovered in the function `TextPage::addAttributsNode()`. Recommendations: For pdf2xml version 2.0, at the moment, there is no information about a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: pdf2xml version 2.0 Description: A memory leak was discovered in the function `TextPage::testLinkedText()`. Recommendations: For pdf2xml version 2.0, consider disabling the `TextPage::testLinkedText()` function as a temporary workaround until a patch is available.

Name of the Vulnerable Software and Affected Versions: pdf2xml version 2.0 Description: A stack buffer overflow was discovered in the getObjectStream component of pdf2xml. Recommendations: For pdf2xml version 2.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: pdf2xml version 2.0 Description: A NULL pointer dereference in the `TextPage::restoreState` function allows attackers to cause a denial of service (DoS). Recommendations: For pdf2xml version 2.0, consider disabling the `TextPage::restoreState` function as a temporary workaround until a patch is available.

Name of the Vulnerable Software and Affected Versions: pdf2json version 0.71 Description: The issue is related to a NULL pointer dereference in the `ObjectStream::getObject` component. This indicates a problem where the software attempts to access memory through a null, or non-existent, pointer, which can lead to crashes or potentially allow an attacker to execute arbitrary code. Recommendations: For pdf2json version 0.71, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: pdf2json version 0.71 Description: A stack buffer overflow was discovered in the XRef::fetch component of pdf2json. Recommendations: For pdf2json version 0.71, update to a newer version that contains a fix for this issue.

Name of the Vulnerable Software and Affected Versions: Speex version 1.2 Description: A Divide by Zero vulnerability in the function `read samples` of Speex allows attackers to cause a denial of service (DoS) via a crafted WAV file. Recommendations: For Speex version 1.2, as a temporary workaround, consider disabling the `read samples` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Speex version 1.2 Description: A stack buffer overflow in speexenc.c allows attackers to cause a denial of service (DoS) via a crafted WAV file. The vendor states that the issue cannot be reproduced and that it is a demo program. Recommendations: For Speex version 1.2, as a temporary workaround, consider restricting the use of the speexenc.c component until a patch is available. However, since the vendor cannot reproduce the issue, there is limited information on a definitive fix. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Nomacs version 3.15.0 Description: A buffer overflow in the software allows attackers to cause a denial of service (DoS) via a crafted MNG file. Recommendations: For Nomacs version 3.15.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.