CVEs from 2026
Total
14,769
critical
critical 1,335
high
high 5,011
medium
medium 4,834
low
low 504
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-4166 | low | 3.5 | 3.5 | 3mo ago | A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted element is the function sub_404F68 of the file /cgi-bin/login.cgi. The manipulation of the argument homepage/hostname results in c… | |||
| CVE-2026-3984 | low | 3.5 | 3.5 | 3mo ago | A weakness has been identified in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This vulnerability affects unknown code of the file save_up_athlete.php. This manipulation o… | |||
| CVE-2026-3983 | low | 3.5 | 3.5 | 3mo ago | A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argume… | |||
| CVE-2026-3946 | low | 3.5 | 3.5 | 3mo ago | A vulnerability was detected in PHPEMS 11.0. The affected element is an unknown function of the file /index.php?ask=app-ask. Performing a manipulation of the argument askcontent results in cross site… | |||
| CVE-2026-2825 | low | 3.5 | 3.5 | 4mo ago | A vulnerability has been found in rachelos WeRSS we-mp-rss up to 1.4.8. This impacts the function fix_html of the file tools/fix.py of the component Article Module. The manipulation leads to cross si… | |||
| CVE-2026-2709 | low | 3.5 | 3.5 | 4mo ago | A flaw has been found in busy up to 2.5.5. The affected element is an unknown function of the file source-code/busy-master/src/server/app.js of the component Callback Handler. Executing a manipulatio… | |||
| CVE-2026-1406 | low | 3.5 | 3.5 | 4mo ago | A vulnerability was determined in lcg0124 BootDo up to 5ccd963c74058036b466e038cff37de4056c1600. Affected by this vulnerability is the function redirectToLogin of the file AccessControlFilter.java of… | |||
| CVE-2026-1161 | low | 3.5 | 3.5 | 5mo ago | A vulnerability was detected in pbrong hrms 1.0.1. The affected element is the function UpdateRecruitmentById of the file /handler/recruitment.go. The manipulation results in cross site scripting. Th… | |||
| CVE-2026-1136 | low | 3.5 | 3.5 | 5mo ago | A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Affected is the function Save of the file /blog/bContent/save of the component ContentController. This… | |||
| CVE-2026-0824 | low | 3.5 | 3.5 | 5mo ago | QuestDB UI's Web Console is Vulnerable to Cross-Site Scripting | |||
| CVE-2026-34685 | low | 3.4 | 3.4 | 26d ago | Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier [NEEDS REVIEW: impact mismatch — ticket says 'Arbitrary file system write', CIA triad derives 'Sec… | |||
| CVE-2026-40131 | low | 3.4 | 3.4 | 27d ago | SQL injection vulnerability exists in @sap/hdi-deploy package, where SQL queries are dynamically constructed using user input without proper parameterization or prepared statements. Successful exploi… | |||
| CVE-2026-42195 | low | 3.4 | 3.4 | 1mo ago | draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.9, the draw.io client accepts a ?gitlab= URL parameter that overrides the GitLab server URL used during OAut… | |||
| CVE-2026-44405 | low | 3.4 | 3.4 | 1mo ago | Paramiko rsakey.py allows the SHA-1 algorithm | |||
| CVE-2026-11459 | low | 3.3 | 3.3 | 10h ago | A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.1. Impacted is an unknown function in the library saappctl.sys of the component IOCTL Handler. The manipulation leads to … | |||
| CVE-2026-21027 | low | 3.3 | 3.3 | 2d ago | Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function. | |||
| CVE-2026-11312 | low | 3.3 | 3.3 | 3d ago | A vulnerability was found in bytedance InfiniStore up to 0.2.33. The impacted element is the function purge_kv_map in the library /src/infinistore.h of the component KV Map Handler. Performing a mani… | |||
| CVE-2026-10722 | low | 3.3 | 3.3 | 4d ago | A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipul… | |||
| CVE-2026-10528 | low | 3.3 | 3.3 | 6d ago | A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the c… | |||
| CVE-2026-10298 | low | 3.3 | 3.3 | 6d ago | A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whisper_model_load of the file ggml/src/ggml.c. The manipulation results in null point… | |||
| CVE-2026-10295 | low | 3.3 | 3.3 | 6d ago | A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the file review_app.py. Performing a mani… | |||
| CVE-2026-28586 | low | 3.3 | 3.3 | 6d ago | In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution pri… | |||
| CVE-2026-0056 | low | 3.3 | 3.3 | 6d ago | In setTo of ResourceTypes.cpp, there is a possible read out of bounds due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed.… | |||
| CVE-2026-0050 | low | 3.3 | 3.3 | 6d ago | In handleBondStateChanged of AdapterService.java, there is a possible sensitive information disclosure due to a permissions bypass. This could lead to local information disclosure with no additional … | |||
| CVE-2026-0016 | low | 3.3 | 3.3 | 6d ago | In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disc… | |||
| CVE-2026-45277 | low | 3.3 | 3.3 | 6d ago | Nextcloud is an open source content collaboration platform. Prior to version 2.7.2, authenticated users can check if arbitrary files are associated with specific approval workflows where they can req… | |||
| CVE-2026-10268 | low | 3.3 | 3.3 | 6d ago | A weakness has been identified in janet-lang janet up to 1.41.0. This vulnerability affects the function unmarshal_one_fiber of the file src/core/marsh.c. Executing a manipulation can lead to integer… | |||
| CVE-2026-10267 | low | 3.3 | 3.3 | 6d ago | A security flaw has been discovered in janet-lang janet up to 1.41.0. This affects the function doframe of the file src/core/debug.c. Performing a manipulation results in out-of-bounds read. Attackin… | |||
| CVE-2026-10233 | low | 3.3 | 3.3 | 7d ago | A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MD… | |||
| CVE-2026-10201 | low | 3.3 | 3.3 | 7d ago | A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a ma… | |||
| CVE-2026-10199 | low | 3.3 | 3.3 | 7d ago | A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator[] leads to null po… | |||
| CVE-2026-10198 | low | 3.3 | 3.3 | 7d ago | A flaw has been found in Assimp up to 6.0.4. Affected by this vulnerability is the function Assimp::glTFImporter::ImportMeshes of the file glTFImporter.cpp of the component glTFImporter. This manipul… | |||
| CVE-2026-10197 | low | 3.3 | 3.3 | 7d ago | A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handle… | |||
| CVE-2026-49383 | low | 3.3 | 3.3 | 9d ago | In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible | |||
| CVE-2026-45324 | low | 3.3 | 3.3 | 9d ago | Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vul… | |||
| CVE-2026-45613 | low | 3.3 | 3.3 | 9d ago | Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76c… | |||
| CVE-2026-47337 | low | 3.3 | 3.3 | 10d ago | Linux kernel vulnerabilities | |||
| CVE-2026-47336 | low | 3.3 | 3.3 | 10d ago | Linux kernel vulnerabilities | |||
| CVE-2026-47330 | low | 3.3 | 3.3 | 10d ago | Linux kernel vulnerabilities | |||
| CVE-2026-47329 | low | 3.3 | 3.3 | 10d ago | Linux kernel vulnerabilities | |||
| CVE-2026-47327 | low | 3.3 | 3.3 | 10d ago | Linux kernel vulnerabilities | |||
| CVE-2026-48156 | low | 3.3 | 3.3 | 10d ago | pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams w… | |||
| CVE-2026-9572 | low | 3.3 | 3.3 | 12d ago | A security vulnerability has been detected in GPAC up to 2.4.0. Affected by this issue is the function Media_GetSample of the file src/isomedia/media.c of the component MP4Box. Such manipulation of t… | |||
| CVE-2026-9567 | low | 3.3 | 3.3 | 12d ago | A security flaw has been discovered in GPAC up to 2.4.0. Affected is the function MergeFragment of the file src/isomedia/isom_intern.c of the component MP4Box. The manipulation results in null pointe… | |||
| CVE-2026-9530 | low | 3.3 | 3.3 | 13d ago | A weakness has been identified in GNU LibreDWG up to 0.14. The impacted element is the function read_2004_compressed_section of the file src/decode.c of the component Dwgbmp Utility. Executing a mani… | |||
| CVE-2026-9529 | low | 3.3 | 3.3 | 13d ago | A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function match_BLOCK_HEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulati… | |||
| CVE-2026-9504 | low | 3.3 | 3.3 | 13d ago | A weakness has been identified in GNU LibreDWG up to 0.14. Affected is the function bit_convert_TU of the file programs/dwggrep.c of the component Dwggrep Utility. This manipulation causes out-of-bou… | |||
| CVE-2026-9503 | low | 3.3 | 3.3 | 13d ago | A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwg_next_entity of the file src/decode.c of the component DWG File Handler. The manipulation results in null … | |||
| CVE-2026-9501 | low | 3.3 | 3.3 | 13d ago | A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. Executing a manipul… | |||
| CVE-2026-39824 | low | 3.3 | 3.3 | 16d ago | NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-bit number of bytes), it returns a truncated strin… | |||
| CVE-2026-47782 | low | 3.3 | 3.3 | 18d ago | Android App "RoboForm Password Manager" provided by Siber Systems, Inc. handles Android intents without sufficient URL validation, user confirmation nor notification. If a URL to some malicious web p… | |||
| CVE-2026-33565 | low | 3.3 | 3.3 | 20d ago | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | |||
| CVE-2026-28751 | low | 3.3 | 3.3 | 20d ago | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | |||
| CVE-2026-27781 | low | 3.3 | 3.3 | 20d ago | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | |||
| CVE-2026-25110 | low | 3.3 | 3.3 | 20d ago | in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS. | |||
| CVE-2026-0965 | low | 3.3 | 3.3 | 20d ago | Moderate: libssh security update | |||
| CVE-2026-47091 | low | 3.3 | 3.3 | 20d ago | Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to read arbitrary files by supplying an unvalidated transcript_path value via stdin… | |||
| CVE-2026-8770 | low | 3.3 | 3.3 | 21d ago | A vulnerability was identified in continuedev continue up to 1.2.22. This affects the function lsTool of the file core/tools/implementations/lsTool.ts of the component JSON-RPC Server. Such manipulat… | |||
| CVE-2026-20793 | low | 3.3 | 3.3 | 26d ago | Unchecked return value for some Intel(R) QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an a… | |||
| CVE-2026-41530 | low | 3.3 | 3.3 | 27d ago | The automatic folder creation feature of Lhaz and Lhaz+ provided by Chitora soft contains a path traversal vulnerability. When the affected product is configured with the automatic folder creation fe… | |||
| CVE-2026-28910 | low | 3.3 | 3.3 | 27d ago | macOS Tahoe 26.4 | |||
| CVE-2026-28957 | low | 3.3 | 3.3 | 28d ago | visionOS 26.5 | |||
| CVE-2026-32803 | low | 3.3 | 3.3 | 1mo ago | Dell PowerScale OneFS versions 9.5.0.0 through 9.5.1.6, 9.6.0.0 through 9.7.1.13, 9.8.0.0 through 9.10.1.5 and 9.11.0.0 through 9.12.0.1 contains an Insufficient Logging vulnerability. A low privileg… | |||
| CVE-2026-41498 | low | 3.3 | 3.3 | 1mo ago | Kimai has Missing Object-Level Authorization in the Team API | |||
| CVE-2026-7740 | low | 3.3 | 3.3 | 1mo ago | A security vulnerability has been detected in justdan96 tsMuxer up to 2.7.0. This issue affects the function VvcVpsUnit::setFPS of the file tsMuxer/vvc.cpp. Such manipulation of the argument track_id… | |||
| CVE-2026-7739 | low | 3.3 | 3.3 | 1mo ago | A weakness has been identified in justdan96 tsMuxer up to 2.7.0. This vulnerability affects the function HevcVpsUnit::setFPS of the file /AFLplusplus/tsMuxer_prev/tsMuxer/hevc.cpp. This manipulation … | |||
| CVE-2026-33448 | low | 3.3 | 3.3 | 1mo ago | CVE-2026-33448 is a format string vulnerability in the logging subsystem of Secure Access client for MacOS prior to 14.50. Attackers with control of a modified server can force the client to dump t… | |||
| CVE-2026-41357 | low | 3.3 | 3.3 | 2mo ago | OpenClaw before 2026.3.31 contains an environment variable leakage vulnerability in SSH-based sandbox backends that pass unsanitized process.env to child processes. Attackers can exploit this by leve… | |||
| CVE-2026-35379 | low | 3.3 | 3.3 | 2mo ago | A logic error in the tr utility of uutils coreutils causes the program to incorrectly define the [:graph:] and [:print:] character classes. The implementation mistakenly includes the ASCII space char… | |||
| CVE-2026-35378 | low | 3.3 | 3.3 | 2mo ago | A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw… | |||
| CVE-2026-35375 | low | 3.3 | 3.3 | 2mo ago | A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes to_string_lossy() wh… | |||
| CVE-2026-35371 | low | 3.3 | 3.3 | 2mo ago | The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead o… | |||
| CVE-2026-35344 | low | 3.3 | 3.3 | 2mo ago | The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok() on truncation attempts. While intended to mimic GNU behavior for special… | |||
| CVE-2026-35343 | low | 3.3 | 3.3 | 2mo ago | The cut utility in uutils coreutils incorrectly handles the -s (only-delimited) option when a newline character is specified as the delimiter. The implementation fails to verify the only_delimited fl… | |||
| CVE-2026-35342 | low | 3.3 | 3.3 | 2mo ago | The mktemp utility in uutils coreutils fails to properly handle an empty TMPDIR environment variable. Unlike GNU mktemp, which falls back to /tmp when TMPDIR is an empty string, the uutils implementa… | |||
| CVE-2026-40505 | low | 3.3 | 3.3 | 2mo ago | MuPDF before 1.27 contains an ANSI injection vulnerability in mutool that allows attackers to inject arbitrary ANSI escape sequences through crafted PDF metadata fields. Attackers can embed malicious… | |||
| CVE-2026-6192 | low | 3.3 | 3.3 | 2mo ago | OpenJPEG vulnerability | |||
| CVE-2026-40228 | low | 3.3 | 3.3 | 2mo ago | In systemd 259, systemd-journald can send ANSI escape sequences to the terminals of arbitrary users when a "logger -p emerg" command is executed, if ForwardToWall=yes is set. | |||
| CVE-2026-5037 | low | 3.3 | 3.3 | 2mo ago | A vulnerability was determined in mxml up to 4.0.4. This issue affects the function index_sort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr c… | |||
| CVE-2026-4833 | low | 3.3 | 3.3 | 2mo ago | A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled r… | |||
| CVE-2026-20684 | low | 3.3 | 3.3 | 3mo ago | macOS Tahoe 26.4 | |||
| CVE-2026-4539 | low | 3.3 | 3.3 | 3mo ago | A security flaw has been discovered in pygments up to 2.19.2. The impacted element is the function AdlLexer of the file pygments/lexers/archetype.py. The manipulation results in inefficient regular e… | |||
| CVE-2026-4159 | low | 3.3 | 3.3 | 3mo ago | 1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_Decode… | |||
| CVE-2026-4174 | low | 3.3 | 3.3 | 3mo ago | A vulnerability has been found in Radare2 5.9.9. This issue affects the function walk_exports_trie of the file libr/bin/format/mach0/mach0.c of the component Mach-O File Parser. Such manipulation lea… | |||
| CVE-2026-4010 | low | 3.3 | 3.3 | 3mo ago | A vulnerability was found in ThakeeNathees pocketlang up to cc73ca61b113d48ee130d837a7a8b145e41de5ce. The affected element is the function pkByteBufferAddString. The manipulation of the argument leng… | |||
| CVE-2026-4009 | low | 3.3 | 3.3 | 3mo ago | A vulnerability has been found in jarikomppa soloud up to 20200207. Impacted is the function drwav_read_pcm_frames_s16__msadpcm in the library src/audiosource/wav/dr_wav.h of the component WAV File P… | |||
| CVE-2026-3950 | low | 3.3 | 3.3 | 3mo ago | A vulnerability was identified in strukturag libheif up to 1.21.2. This impacts the function Track::load of the file libheif/sequences/track.cc of the component stsz/stts. The manipulation leads to o… | |||
| CVE-2026-3949 | low | 3.3 | 3.3 | 3mo ago | A vulnerability was determined in strukturag libheif up to 1.21.2. This affects the function vvdec_push_data2 of the file libheif/plugins/decoder_vvdec.cc of the component HEIF File Parser. Executing… | |||
| CVE-2026-21791 | low | 3.3 | 3.3 | 3mo ago | HCL Sametime for Android is impacted by a sensitive information disclosure. Hostnames information is written in application logs and certain URL | |||
| CVE-2026-3449 | low | 3.3 | 3.3 | 3mo ago | @tootallnate/once vulnerable to Incorrect Control Flow Scoping | |||
| CVE-2026-3407 | low | 3.3 | 3.3 | 3mo ago | A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes h… | |||
| CVE-2026-2903 | low | 3.3 | 3.3 | 4mo ago | A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack ca… | |||
| CVE-2026-2889 | low | 3.3 | 3.3 | 4mo ago | A vulnerability was detected in CCExtractor up to 0.96.5. Affected is the function processmp4 in the library src/lib_ccx/mp4.c. Performing a manipulation results in use after free. The attack is only… | |||
| CVE-2026-2642 | low | 3.3 | 3.3 | 4mo ago | A security vulnerability has been detected in ggreer the_silver_searcher up to 2.2.0. The impacted element is the function search_stream of the file src/search.c. The manipulation leads to null point… | |||
| CVE-2026-2641 | low | 3.3 | 3.3 | 4mo ago | A weakness has been identified in universal-ctags ctags up to 6.2.1. The affected element is the function parseExpression/parseExprList of the file parsers/v.c of the component V Language Parser. Exe… | |||
| CVE-2026-2246 | low | 3.3 | 3.3 | 4mo ago | A security vulnerability has been detected in AprilRobotics apriltag up to 3.4.5. Affected by this vulnerability is the function apriltag_detector_detect of the file apriltag.c. The manipulation lead… | |||
| CVE-2026-2245 | low | 3.3 | 3.3 | 4mo ago | A vulnerability was identified in CCExtractor up to 183. This affects the function parse_PAT/parse_PMT in the library src/lib_ccx/ts_tables.c of the component MPEG-TS File Parser. Such manipulation l… | |||
| CVE-2026-2069 | low | 3.3 | 3.3 | 4mo ago | A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llama_grammar_advance_stack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This… | |||
| CVE-2026-1990 | low | 3.3 | 3.3 | 4mo ago | A security vulnerability has been detected in oatpp up to 1.3.1. This impacts the function oatpp::data::type::ObjectWrapper::ObjectWrapper of the file src/oatpp/data/type/Type.hpp. The manipulation l… | |||
| CVE-2026-1417 | low | 3.3 | 3.3 | 4mo ago | A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dump_isom_rtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference.… |