Skip to main content
CVE-2013-7021 MEDIUM POC PATCH This Month

The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-7019 MEDIUM POC PATCH This Month

The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-7012 MEDIUM POC PATCH This Month

The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-7011 MEDIUM POC PATCH This Month

The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-7009 MEDIUM POC PATCH This Month

The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Apple Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-7008 MEDIUM POC PATCH This Month

The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-7014 MEDIUM POC PATCH This Month

Integer signedness error in the add_bytes_l2_c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.4%
CVE-2013-7022 MEDIUM POC PATCH This Month

The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.3%
CVE-2013-7018 MEDIUM POC PATCH This Month

libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.2%
CVE-2013-7016 MEDIUM POC PATCH This Month

The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.2%
CVE-2013-7015 MEDIUM POC PATCH This Month

The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.2%
CVE-2013-7013 MEDIUM POC PATCH This Month

The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.2%
CVE-2013-7023 MEDIUM POC PATCH This Month

The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
1.0%
CVE-2013-7010 MEDIUM POC PATCH This Month

Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
0.9%
CVE-2013-7024 MEDIUM POC PATCH This Month

The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Buffer Overflow Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
0.9%
CVE-2013-7017 MEDIUM POC PATCH This Month

libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via crafted JPEG2000 data. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

Denial Of Service Ffmpeg
NVD GitHub
CVSS 2.0
6.8
EPSS
0.8%
CVE-2013-6427 MEDIUM POC This Month

upgrade.py in the hp-upgrade service in HP Linux Imaging and Printing (HPLIP) 3.x through 3.13.11 launches a program from an http URL, which allows man-in-the-middle attackers to execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Code Injection HP RCE Linux Imaging And Printing Project
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2013-7027 MEDIUM POC PATCH This Month

The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
6.1
EPSS
0.3%
CVE-2013-6431 MEDIUM POC PATCH This Month

The fib6_add function in net/ipv6/ip6_fib.c in the Linux kernel before 3.11.5 does not properly implement error-code encoding, which allows local users to cause a denial of service (NULL pointer. Rated medium severity (CVSS 4.7). Public exploit code available.

Privilege Escalation Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.7
EPSS
0.0%
CVE-2013-7026 MEDIUM POC PATCH This Month

Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Linux Race Condition Linux Kernel
NVD GitHub
CVSS 2.0
4.7
EPSS
0.0%
CVE-2013-6432 MEDIUM POC PATCH This Month

The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. Public exploit code available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.6
EPSS
0.0%
CVE-2013-6404 MEDIUM POC PATCH This Month

Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation PostgreSQL Quassel Irc
NVD GitHub
CVSS 2.0
4.0
EPSS
0.4%
CVE-2013-7020 MEDIUM PATCH This Month

The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Denial Of Service Ffmpeg Debian Linux
NVD GitHub
CVSS 2.0
6.8
EPSS
1.5%
CVE-2013-1953 MEDIUM This Month

Integer underflow in the input_bmp_reader function in input-bmp.c in AutoTrace 0.31.1 allows context-dependent attackers to have an unspecified impact via a small value in the biSize field in the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Autotrace
NVD
CVSS 2.0
6.8
EPSS
0.3%
CVE-2013-6180 MEDIUM This Month

EMC RSA Security Analytics (SA) 10.x before 10.3, and RSA NetWitness NextGen 9.8, does not ensure that SA Core requests originate from the SA REST UI, which allows remote attackers to bypass intended. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Rsa Netwitness Nextgen Rsa Security Analytics
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2013-5355 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in Sharetronix 3.1.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Sharetronix
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2013-6171 MEDIUM PATCH This Month

checkpassword-reply in Dovecot before 2.2.7 performs setuid operations to a user who is authenticating, which allows local users to bypass authentication and access virtual email accounts by. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Dovecot
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2013-6039 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in NagiosQL 3.2 SP2 allow remote attackers to inject arbitrary web script or HTML via the txtSearch parameter to (1) admin/hostdependencies.php,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

PHP XSS Nagiosql
NVD
CVSS 2.0
4.3
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy