Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When parsing a file that is submitted to the DPDecoder service as a job, the R3D SDK will mistakenly skip over the assignment of a property containing an object referring to a UUID that was parsed from a frame within the video container. Upon destruction of the object that owns it, the uninitialized member will be dereferenced and then destroyed using the object’s virtual destructor. Due to the object property being uninitialized, this can result in dereferencing an arbitrary pointer for the object’s virtual method table, which can result in code execution under the context of the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用未经初始化的变量
Vulnerability Title
Blackmagic Design DaVinci Resolve 安全漏洞
Vulnerability Description
Blackmagic Design DaVinci Resolve是一款将剪辑、色彩校正、视觉效果、动态图形和音频后期制作集于一身的软件工具。 Blackmagic Design DaVinci Resolve 17.3.1.0005存在安全漏洞,该漏洞源于未初始化对象属性,这可能会导致取消引用对象的虚拟方法表的任意指针,从而导致在应用程序上下文中执行代码。
CVSS Information
N/A
Vulnerability Type
N/A