Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
quicktime vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-5815
An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file.
Libraw Libraw
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 16.04
5.5
CVSSv3
CVE-2017-18233
An issue exists in Exempi prior to 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote malicious users to cause a denial of service (infinite loop) via crafted XMP data in a .avi file.
Exempi Project Exempi
Debian Debian Linux 7.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
5.5
CVSSv3
CVE-2017-18236
An issue exists in Exempi prior to 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote malicious users to cause a denial of service (infinite loop) via a crafted .asf file.
Exempi Project Exempi
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 14.04
5.5
CVSSv3
CVE-2017-18238
An issue exists in Exempi prior to 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote malicious users to cause a denial of service (infinite loop) via crafted XMP data in a .qt file.
Exempi Project Exempi
Debian Debian Linux 7.0
5.5
CVSSv3
CVE-2018-7730
An issue exists in Exempi up to and including 2.4.4. A certain case of a 0xffffffff length is mishandled in XMPFiles/source/FormatSupport/PSIR_FileWriter.cpp, leading to a heap-based buffer over-read in the PSD_MetaHandler::CacheFileData() function.
Exempi Project Exempi
Debian Debian Linux 7.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 17.10
5.5
CVSSv3
CVE-2017-13823
An issue exists in certain Apple products. macOS prior to 10.13.1 is affected. The issue involves the "QuickTime" component. It allows malicious users to bypass intended memory-read restrictions via a crafted app.
Apple Mac Os X
NA
CVE-2022-3755
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
NA
CVE-2022-3756
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
NA
CVE-2022-3757
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
NA
CVE-2022-3718
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »