Yourbutterfly

#7382of 53,635
37.1Total CVSS
Vulnerabilities · 5
Medium
1
High
4
PT-2019-15187
7.5
2019-10-12
Axiomatic Systems · Bento4 · CVE-2019-17528
**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1.0 **Description** A issue was found in the function `AP4 TfhdAtom::SetDefaultSampleSize` at `Core/Ap4TfhdAtom.h` when called from `AP4 Processor::ProcessFragments` in `Core/Ap4Processor.cpp`, resulting in a SEGV. **Recommendations** For Bento4 version 1.5.1.0, as a temporary workaround, consider disabling the `AP4 TfhdAtom::SetDefaultSampleSize` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-15188
7.8
2019-10-12
Axiomatic Systems · Bento4 · CVE-2019-17529
**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1.0 **Description** A heap-based buffer over-read issue exists in the `AP4 CencSampleEncryption::DoInspectFields` function, located in `Core/Ap4CommonEncryption.cpp`, when called from `AP4 Atom::Inspect` in `Core/Ap4Atom.cpp`. **Recommendations** For Bento4 version 1.5.1.0, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2019-15189
7.8
2019-10-12
Axiomatic Systems · Bento4 · CVE-2019-17530
**Name of the Vulnerable Software and Affected Versions** Bento4 version 1.5.1.0 **Description** A heap-based buffer over-read issue exists in the `AP4 PrintInspector::AddField` function, located in `Core/Ap4Atom.cpp`, when called from `AP4 CencSampleEncryption::DoInspectFields` in `Core/Ap4CommonEncryption.cpp`, and subsequently from `AP4 Atom::Inspect` in `Core/Ap4Atom.cpp`. **Recommendations** For Bento4 version 1.5.1.0, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2019-6434
7.5
2019-07-23
Intel · Opencv · CVE-2019-14493
**Name of the Vulnerable Software and Affected Versions** OpenCV versions prior to 4.1.1 **Description** An issue was discovered in the function `cv::XMLParser::parse` at `modules/core/src/persistence.cpp`, which is related to errors in pointer dereferencing. This issue can be exploited by a remote attacker to cause a denial of service. **Recommendations** For versions prior to 4.1.1, update to version 4.1.1 or later to resolve the issue. As a temporary workaround, consider disabling the `cv::XMLParser::parse` function until a patch is available.
PT-2018-3555
6.5
2018-11-21
Erik De Castro Lopo · Libsndfile · CVE-2018-19432
Name of the Vulnerable Software and Affected Versions: libsndfile version 1.0.28 Description: The issue is related to a NULL pointer dereference in the `sf write int` function in `sndfile.c`, which can lead to a denial of service. This can be exploited by a remote attacker to cause a service disruption. Recommendations: For libsndfile version 1.0.28, consider disabling the `sf write int` function as a temporary workaround until a patch is available. Restrict access to the `sndfile.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.