z1r00

59 exploits Active since Aug 2022
CVE-2023-29575 WRITEUP MEDIUM WRITEUP
Axiosys Bento4 - Resource Allocation Without Limits
Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42aac component.
CVSS 5.5
CVE-2023-29576 WRITEUP MEDIUM WRITEUP
Axiosys Bento4 - Out-of-Bounds Read
Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_TrunAtom::SetDataOffset(int) function in Ap4TrunAtom.h.
CVSS 5.5
CVE-2023-29578 WRITEUP HIGH WRITEUP
Mp4v2 - Out-of-Bounds Write
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the mp4v2::impl::MP4StringProperty::~MP4StringProperty() function at src/mp4property.cpp.
CVSS 8.8
CVE-2023-29579 WRITEUP MEDIUM WRITEUP
Yasm - Out-of-Bounds Write
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.
CVSS 5.5
CVE-2023-29580 WRITEUP MEDIUM WRITEUP
yasm <1.3.0.55.g101bc - Memory Corruption
yasm 1.3.0.55.g101bc was discovered to contain a segmentation violation via the component yasm_expr_create at /libyasm/expr.c.
CVSS 5.5
CVE-2023-29581 WRITEUP MEDIUM WRITEUP
yasm 1.3.0.55.g101bc - Info Disclosure
yasm 1.3.0.55.g101bc has a segmentation violation in the function delete_Token at modules/preprocs/nasm/nasm-pp.c. NOTE: although a libyasm application could become unavailable if this were exploited, the vendor's position is that there is no security relevance because there is either supposed to be input validation before data reaches libyasm, or a sandbox in which the application runs.
CVSS 5.5
CVE-2023-29582 WRITEUP MEDIUM WRITEUP
Yasm - Out-of-Bounds Write
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.
CVSS 5.5
CVE-2023-29583 WRITEUP MEDIUM WRITEUP
Yasm - Out-of-Bounds Write
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code.
CVSS 5.5
CVE-2023-29584 WRITEUP HIGH WRITEUP
Mp4v2 - Out-of-Bounds Write
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp.
CVSS 8.8