A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in filter16_complex_low, which might lead to memory corruption and other potential consequences. Date published : 2021-05-27 https://trac.ffmpeg.org/attachment/ticket/8243/gdb-vf_w3fdif_191 https://trac.ffmpeg.org/ticket/8243
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfade_samples_fltp, which might lead to memory corruption and other potential consequences. Date published : 2021-05-27 https://trac.ffmpeg.org/ticket/8276
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other potential consequences. Date published : 2021-05-27 http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7fd1279703683ebb548ef7baa2f1519994496ae https://trac.ffmpeg.org/ticket/8250
A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corruption and other potential consequences. Date published : 2021-05-27 https://trac.ffmpeg.org/attachment/ticket/8242/gdb-vf_neighbor_191 https://trac.ffmpeg.org/ticket/8242
A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences. Date published : 2021-05-27 https://trac.ffmpeg.org/ticket/8260 https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences. Date published : 2021-05-27 https://trac.ffmpeg.org/ticket/8244 https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_fieldorder.c, which might lead to memory corruption and other potential consequences. Date published : 2021-05-27 https://trac.ffmpeg.org/ticket/8264 https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences. Date published : 2021-05-27 https://trac.ffmpeg.org/ticket/8309
A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files, which might lead to memory corruption and other potential consequences. Date published : 2021-05-27 https://trac.ffmpeg.org/ticket/8183 https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html
Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_switchshow" of component " /admin/web_config.php". Date published : 2021-05-27 https://github.com/PearlyNautilus/Security-Code-Review/issues/4
Cross Site Scripting (XSS) in PHPMyWind v5.5 allows remote attackers to execute arbitrary code by injecting scripts into the parameter "$cfg_copyright" of component " /admin/web_config.php". Date published : 2021-05-27 https://github.com/PearlyNautilus/Security-Code-Review/issues/4
A flaw was found in the OpenShift web console, where the access token is stored in the browser’s local storage. An attacker can use this flaw to get the access token via physical access,...
Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful. Date published : 2021-05-27 https://issues.apache.org/jira/browse/FINERACT-1211 https://lists.apache.org/thread.html/rc011b25289c8a6e14f8bc6d07e727382a1df3c8cf2aa5369598bbf64@%3Cdev.fineract.apache.org%3E
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can...