Oneafter

**Name of the Vulnerable Software and Affected Versions** jarikomppa soloud versions prior to 20200207 **Description** A flaw exists in jarikomppa soloud, specifically within the WAV File Parser component. The `drwav read pcm frames s16 msadpcm` function in the `src/audiosource/wav/dr wav.h` library is susceptible to an out-of-bounds read condition. Exploitation requires local access. The exploit for this issue has been publicly disclosed. **Recommendations** Upgrade to version 20200207 to address this issue. Upgrade the affected component.

**Name of the Vulnerable Software and Affected Versions** pocketlang versions prior to cc73ca61b113d48ee130d837a7a8b145e41de5ce **Description** A flaw exists in the `pkByteBufferAddString` function. Manipulating the `length` argument with the input 4294967290 leads to memory corruption. The issue requires local access to exploit. The exploit is publicly available. The software does not utilize versioning, making specific affected and unaffected release information unavailable. The project was notified of the issue but has not yet responded. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** rxi fe versions prior to ed4cda96bd582cbb08520964ba627efb40f3dd91 **Description** A flaw exists in the `read ` function within the `src/fe.c` file of rxi fe. Providing the input `1` to this function can trigger an out-of-bounds read. Local access is required for exploitation. The exploit for this issue has been publicly disclosed and may be used. The software employs a rolling release model, meaning specific version details for affected or updated releases are unavailable. The project maintainers were notified of the issue but have not yet responded. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** rui314 mold versions up to 2.40.4 **Description** A flaw exists in rui314 mold, specifically within the `mold::ObjectFilemold::X86 64::initialize sections` function located in the `src/input-files.cc` file of the Object File Handler component. A manipulation of the input can lead to a heap-based buffer overflow. Local access is required for exploitation. The exploit for this issue is publicly available. The project maintainers were notified of the problem but have not yet responded. **Recommendations** Versions up to 2.40.4 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** xlnt versions up to 1.6.1 **Description** An issue exists in the xlnt library, specifically within the `xlnt::detail::compound document::read directory` function located in the `source/detail/cryptography/compound document.cpp` file. This relates to the Encrypted XLSX File Parser component and can lead to an out-of-bounds read condition. The issue is restricted to local execution and has been publicly disclosed. **Recommendations** Apply patch 147 to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** xlnt versions up to 1.6.1 **Description** A flaw exists in xlnt that could lead to a null pointer dereference. The issue is located in the `xlnt::detail::xlsx consumer::read office document` function within the `source/detail/serialization/xlsx consumer.cpp` file of the XLSX File Parser component. Exploitation requires local access. The exploit is publicly available. **Recommendations** Versions prior to 1.6.1 should be updated. As a temporary workaround, consider restricting access to the vulnerable function `xlnt::detail::xlsx consumer::read office document` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** xlnt versions up to 1.6.1 **Description** A flaw exists within the xlnt library, specifically in the XLSX File Parser component. This issue resides in the `xlnt::detail::compound document istreambuf::xsgetn` function within the `source/detail/cryptography/compound document.cpp` file. A manipulation of the file can lead to an out-of-bounds read, and the exploit has been publicly disclosed. The issue is only exploitable with local access. **Recommendations** Apply patch 147 to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** Ettercap version 0.8.4-Garofalo **Description** A flaw exists in Ettercap that involves an out-of-bounds read issue within the `add data segment` function located in the `src/ettercap/utils/etterfilter/ef output.c` file, specifically within the etterfilter component. Local access is necessary for exploitation. The details of the exploit have been publicly disclosed, and the project maintainers have been notified but have not yet responded. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** xlnt-community xlnt versions up to 1.6.1 **Description** A flaw exists in xlnt-community xlnt up to version 1.6.1 related to the `xlnt::detail::binary writer::append` function within the `source/detail/binary.hpp` file of the Compound Document Parser component. This issue results in a heap-based buffer overflow. The exploitation of this issue is limited to local execution. The exploit code has been publicly released. **Recommendations** Install patch 147 to address this issue.

**Name of the Vulnerable Software and Affected Versions** YosysHQ yosys versions prior to 0.63 **Description** A heap-based buffer overflow exists in YosysHQ yosys due to a flaw in the BLIF File Parser component, specifically within the `Yosys::RTLIL::Const::set` function located in the `kernel/rtlil.h` file. This manipulation can be triggered on a local host. The exploit has been publicly disclosed. **Recommendations** Apply a patch to address this issue.

**Name of the Vulnerable Software and Affected Versions** Open Babel versions up to 3.1.1 **Description** A flaw exists in Open Babel up to version 3.1.1 related to a null pointer dereference. This issue is located within the `OBAtom::GetExplicitValence` function in the `isrc/atom.cpp` file, specifically within the CDXML File Handler component. The issue can be triggered remotely. The exploit is publicly available. **Recommendations** Apply the patch e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a to resolve this issue.

**Name of the Vulnerable Software and Affected Versions** ChaiScript versions up to 6.1.0 **Description** A security flaw exists in ChaiScript that can lead to memory corruption. The issue is located in the `get as` function within the `chaiscript::Boxed Number` class, specifically in the `include/chaiscript/dispatchkit/boxed number.hpp` file. Exploitation requires local access. The exploit is publicly available. The project was notified of the issue but has not yet responded. **Recommendations** Versions prior to 6.1.0 should be updated. As a temporary workaround, consider avoiding the use of the `get as` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** jarikomppa soloud versions up to 20200207 **Description** A flaw exists in the SoLoud library, specifically within the WAV File Parser component. The `SoLoud::Wav::loadwav` function in the `src/audiosource/wav/soloud wav.cpp` file is susceptible to memory corruption when processing manipulated WAV files. The issue can be triggered locally. The exploit is publicly available, and the project maintainers have been notified but have not yet responded. **Recommendations** Versions prior to 20200207 should be updated. As a temporary workaround, consider restricting access to the `SoLoud::Wav::loadwav` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** jarikomppa soloud versions prior to 20200208 **Description** A heap-based buffer overflow exists in the `SoLoud::Wav::loadflac` function within the `src/audiosource/wav/soloud wav.cpp` file of the Audio File Handler component. This issue affects the processing of FLAC files. The exploit has been publicly disclosed and may be used for malicious purposes. The issue was reported to the project developers, but no response has been received. The attack requires local access. **Recommendations** Versions prior to 20200208 should be updated. As a temporary workaround, consider restricting access to FLAC file handling or disabling the `SoLoud::Wav::loadflac` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** ChaiScript versions up to 6.1.0 **Description** A flaw exists in ChaiScript that can lead to a divide by zero error. This issue is related to the `chaiscript::Boxed Number::go` function within the `include/chaiscript/dispatchkit/boxed number.hpp` file. The issue requires local access to exploit. The exploit is publicly available. **Recommendations** Versions prior to 6.1.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FascinatedBox lily versions prior to 2.3 **Description** A flaw exists in FascinatedBox lily, specifically within the `eval tree` function of the `src/lily emitter.c` file, leading to a null pointer dereference. This issue is exploitable locally. The exploit has been publicly released. The project maintainers were notified but have not yet responded. **Recommendations** Update to a version of FascinatedBox lily that is newer than 2.3. As a temporary workaround, consider restricting access to the `src/lily emitter.c` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** ChaiScript versions up to 6.1.0 **Description** A security issue exists in ChaiScript related to uncontrolled recursion. The `chaiscript::eval::AST Node Impl::eval` function, located in the `include/chaiscript/language/chaiscript eval.hpp` file, is affected. The issue can be exploited locally. The exploit has been publicly disclosed. **Recommendations** Versions prior to 6.1.0 should be updated.

**Name of the Vulnerable Software and Affected Versions** FascinatedBox lily versions prior to 2.3 **Description** A security flaw exists in FascinatedBox lily, potentially leading to an out-of-bounds read. The issue resides within the `clear storages` function located in the `src/lily emitter.c` file. Exploitation requires local access. The exploit code has been publicly released, increasing the risk of attacks. The project maintainers were notified of the issue but have not yet responded. **Recommendations** Update to a version of FascinatedBox lily later than 2.3. As a temporary workaround, consider restricting local access to the affected file `src/lily emitter.c` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** wren-lang wren versions up to 0.4.0 **Description** A flaw exists in the `getByteCountForArguments` function within the `src/vm/wren compiler.c` file. This can lead to a null pointer dereference. Local access is needed for exploitation. The details of the issue have been publicly disclosed. **Recommendations** Versions prior to 0.4.0 should be used. As a temporary workaround, consider restricting access to the `getByteCountForArguments()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** wren-lang wren versions up to 0.4.0 **Description** A flaw exists in the `resolveLocal` function within the `src/vm/wren compiler.c` file. This issue leads to uncontrolled recursion. Local access is required for exploitation. The details of the issue have been publicly disclosed. **Recommendations** Versions prior to 0.4.0 should be updated. As a temporary workaround, consider restricting the use of the `resolveLocal` function until a patch is available.