5.3
CVE-2024-12482 - cjbi wetech-cms Database Backup BackupFileUtil.java backup path traversal
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\java\tech\wetech\basic\util\BackupFileUtil.java of the component Database Backup Handler. The manipula…
5.3
CVE-2024-12481 - cjbi wetech-cms UserDao.java findUser sql injection
A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been declared as critical. Affected by this vulnerability is the function findUser of the file wetech-cms-master\wetech-core\src\main\java\tech\wetech\cms\dao\UserDao.java. The manipulation of the argument searchValue/gId/rId leads to…
5.1
CVE-2024-47834 - GHSL-2024-280: Gstreamer Use-After-Free read in Matroska CodecPrivate
GStreamer is a library for constructing graphs of media-handling components. A Use-After-Free read vulnerability has been discovered affecting the processing of CodecPrivate elements in Matroska streams. In the GST_MATROSKA_ID_CODECPRIVATE case within the gst_matroska_demux_parse_stream function, …
6.8
CVE-2024-47835 - GHSL-2024-263: Gstreamer NULL-pointer dereference in LRC subtitle parser
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parse_lrc function within gstsubparse.c. The parse_lrc function calls strchr() to find the character ']' in the string line. The pointer returned by this ca…
5.1
CVE-2024-47778 - GHSL-2024-258: GStreamer has an OOB-read in gst_wavparse_adtl_chunk
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been discovered in gst_wavparse_adtl_chunk within gstwavparse.c. This vulnerability arises due to insufficient validation of the size parameter, which can exceed the bounds of the data buffer.…
5.1
CVE-2024-47777 - GHSL-2024-259: GStreamer has an OOB-read in gst_wavparse_smpl_chunk
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_wavparse_smpl_chunk function within gstwavparse.c. This function attempts to read 4 bytes from the data + 12 offset without checking if the size of the data buffer i…
5.1
CVE-2024-47776 - GHSL-2024-260: GStreamer has an OOB-read in gst_wavparse_cue_chunk
GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst_wavparse_cue_chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch …
5.1
CVE-2024-47775 - GHSL-2024-261: GStreamer has an OOB-read in parse_ds64
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multipl…
5.1
CVE-2024-47774 - GHSL-2024-262: GStreamer has an OOB-read in gst_avi_subtitle_parse_gab2_chunk
GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been identified in the gst_avi_subtitle_parse_gab2_chunk function within gstavisubtitle.c. The function reads the name_length value directly from the input file without checking it properly. T…
8.6
CVE-2024-47613 - GHSL-2024-118: GStreamer has a null pointer dereference in gst_gdk_pixbuf_dec_flush
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in `gst_gdk_pixbuf_dec_flush` within `gstgdkpixbufdec.c`. This function invokes `memcpy`, using `out_pix` as the destination address. `out_pix` is expected to po…