TeamSeri0us

17 exploits Active since Jul 2018
CVE-2018-13869 WRITEUP CRITICAL WRITEUP
HDF5 1.8.20 - Memory Corruption via H5O_link_decode memcpy Parameter Overlap
An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.
CVSS 9.8
CVE-2018-13872 WRITEUP CRITICAL WRITEUP
HDF HDF5 1.8.20 - Heap-Based Buffer Overflow in H5G_ent_decode
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c.
CVSS 9.8
CVE-2018-17097 WRITEUP HIGH WRITEUP
Olli Parviainen SoundTouch 2.0 - Use After Free
The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by SoundStretch.
CVSS 8.8
CVE-2018-18274 WRITEUP HIGH WRITEUP
pdfalto 0.2 - Heap-Based Buffer Overflow in TextPage::addAttributsNode
A issue was found in pdfalto 0.2. There is a heap-based buffer overflow in the TextPage::addAttributsNode function in XmlAltoOutputDev.cc.
CVSS 7.8
CVE-2018-19502 WRITEUP HIGH WRITEUP
Freeware Advanced Audio Decoder 2 <2.8.1 - Buffer Overflow
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.
CVSS 7.8
CVE-2019-11640 WRITEUP HIGH WRITEUP
GNU recutils <1.8 - Buffer Overflow
An issue was discovered in GNU recutils 1.8. There is a heap-based buffer overflow in the function rec_fex_parse_str_simple at rec-fex.c in librec.a.
CVSS 8.8
CVE-2019-13129 WRITEUP HIGH WORKING POC
Motorola router CX2L MWR04L 1.01 - Buffer Overflow
On the Motorola router CX2L MWR04L 1.01, there is a stack consumption (infinite recursion) issue in scopd via TCP port 8010 and UDP port 8080. It is caused by snprintf and inappropriate length handling.
CVSS 7.5
CVE-2019-14292 WRITEUP MEDIUM WRITEUP
Xpdf <4.01.01 - Info Disclosure
An issue was discovered in Xpdf 4.01.01. There is an out of bounds read in the function GfxPatchMeshShading::parse at GfxState.cc for typeA!=6 case 1.
CVSS 5.5
CVE-2019-15527 WRITEUP HIGH WORKING POC
D-Link DIR-823G Firmware V1.0.2B05 - Authenticated OS Command Injection via HNAP1 MaxIdTime Field
An issue was discovered on D-Link DIR-823G devices with firmware V1.0.2B05. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MaxIdTime field to SetWanSettings.
CVSS 8.8
CVE-2019-16228 WRITEUP HIGH WRITEUP
py-lmdb < 0.97 - Denial of Service via Divide-by-Zero in mdb_env_open2
An issue was discovered in py-lmdb 0.97. There is a divide-by-zero error in the function mdb_env_open2 if mdb_env_read_header obtains a zero value for a certain size field. NOTE: this outcome occurs when accessing a data.mdb file supplied by an attacker.
CVSS 7.5
CVE-2019-17528 WRITEUP HIGH WRITEUP
Bento4 1.5.1.0 - Denial of Service via AP4_TfhdAtom::SetDefaultSampleSize
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
CVSS 7.5
CVE-2019-18804 WRITEUP HIGH WRITEUP
DjVuLibre 3.5.27 - Memory Corruption
DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU::filter_fv at IW44EncodeCodec.cpp.
CVSS 7.5
CVE-2019-6459 WRITEUP MEDIUM WRITEUP
GNU Recutils 1.8 - Memory Leak in rec_extract_type
An issue was discovered in GNU Recutils 1.8. There is a memory leak in rec_extract_type in rec-utils.c in librec.a.
CVSS 6.5
CVE-2019-6462 WRITEUP MEDIUM WRITEUP
cairo 1.16.0 - Denial of Service via Infinite Loop in _arc_error_normalized
An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-arc.c, related to _arc_max_angle_for_tolerance_normalized.
CVSS 6.5
CVE-2019-9026 WRITEUP HIGH WRITEUP
matio 1.5.13 - Heap-Based Buffer Overflow in InflateVarName
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function InflateVarName() in inflate.c when called from ReadNextCell in mat5.c.
CVSS 7.5
CVE-2019-9030 WRITEUP CRITICAL WRITEUP
matio 1.5.13 - Stack-based Buffer Over-read in Mat_VarReadNextInfo5
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in Mat_VarReadNextInfo5() in mat5.c.
CVSS 9.1
CVE-2019-9033 WRITEUP CRITICAL WRITEUP
matio 1.5.13 - Stack-based Buffer Over-read in ReadNextCell
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for the "Rank and Dimension" feature in the function ReadNextCell() in mat5.c.
CVSS 9.1