• CVE-2022-XXXX, potential OOB write when parsing NFS4 packets in Wireshark, Wireshark
• CVE-2022-XXXX, OOB read in FFMPEG, FFMPEG
• CVE-2021-43804, out-of-bounds read when parsing RTCP BYE message, PJProject
• CVE-2021-43845, OOB read for RTCP XR block, PJProject
• CVE-2021-36934, An integer overflow in WhatsApp for Android and iOS could result in remote code execution in an established video call, Whatsapp
• CVE-2021-24043, A missing bound check in RTCP flag parsing code prior to WhatsApp Android and iOS, Whatsapp
• CVE-2016-6906, out-of-bounds read via a crafted TGA file in the GD Graphics Library (aka libgd) before 2.2.4, Libgd
• CVE-2016-6912, Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4, Libgd
• CVE-2016-5842, MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read ImageMagick
• CVE-2016-6491, Buffer overflow in ImageMagick allows remote attackers to out-of-bounds read via a crafted image, ImageMagick
• CVE-2016-5841, Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. ImageMagick
• CVE-2016-10165, An out-of-bounds heap read in The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information via an image with a crafted ICC profile. Little CMS