Cross-site scripting vulnerability in Order Status Batch Change Plug-in (for EC-CUBE 3.0 series) all versions allows a remote attacker to inject an arbitrary script via unspecified vectors. Date published : 2021-09-16 https://jvn.jp/en/jp/JVN23406150/index.html https://www.activefusions.com/news/2021/20210915.html
Cross-site scripting vulnerability in List (order management) item change plug-in (for EC-CUBE 3.0 series) Ver.1.1 and earlier allows a remote attacker to inject an arbitrary script via unspecified vectors. Date published : 2021-09-16 https://jvn.jp/en/jp/JVN46313661/index.html...
Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the isolated environment or settings of the...
Improper control of program execution vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to execute an arbitrary command or code via unspecified vectors. Date published : 2021-09-16 https://jscom.jp/news-20210910_2/ https://jvn.jp/en/jp/JVN81658818/index.html
libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/232
libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/234
libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/231
libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/240
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/242
libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/241
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/243
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/235
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/237
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file. Date published : 2021-09-16 https://github.com/strukturag/libde265/issues/238