Video Security Vulnerabilities
7.5CVSS
7.5AI Score
0.0005EPSS
7.1CVSS
6.8AI Score
0.0004EPSS
Memory corruption in Trusted Execution Environment while deinitializing an object used for license...
7.8CVSS
7.2AI Score
0.0004EPSS
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the feedzy dashboard in all versions up to, and including, 4.4.1. This makes it possible for...
4.3CVSS
5.2AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through...
6.5CVSS
5.4AI Score
0.0004EPSS
The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'get_view'...
9.8CVSS
9.8AI Score
0.008EPSS
Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local...
8.8CVSS
7.7AI Score
0.0004EPSS
The Video PopUp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'video_popup' shortcode in versions up to, and including, 1.1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
6.4CVSS
5.2AI Score
0.001EPSS
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.3.2 due to insufficient input sanitization and output escaping. This makes...
6.4CVSS
5.2AI Score
0.0004EPSS
The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to unauthorized settings update due to a missing capability check when updating settings in all versions up to, and including, 4.3.2. This makes it possible for...
5.4CVSS
5.5AI Score
0.0004EPSS
Cross Site Scripting (XSS) vulnerability in AVA teaching video application service platform version 3.1, allows remote attackers to execute arbitrary code via a crafted script to...
6.1CVSS
6.1AI Score
0.001EPSS
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and...
8.8CVSS
8.8AI Score
0.001EPSS
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and...
8.8CVSS
8.9AI Score
0.0005EPSS
The Depicter Slider – Responsive Image Slider, Video Slider & Post Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the 'save' function. This makes it possible for...
4.3CVSS
4.6AI Score
0.001EPSS
Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next...
7.5CVSS
7.5AI Score
0.0004EPSS
Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem...
8.4CVSS
7.8AI Score
0.0004EPSS
Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST...
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCS_LOAD_MODULE...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption when resource manager sends the host kernel a reply message with multiple...
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption while running NPU, when NETWORK_UNLOAD and (NETWORK_UNLOAD or NETWORK_EXECUTE_V2) commands are submitted at the same...
8.4CVSS
7.9AI Score
0.0004EPSS
Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects...
8.4CVSS
7.8AI Score
0.0004EPSS
Transient DOS while processing a WMI P2P listen start command (0xD00A) sent from...
7.5CVSS
7.6AI Score
0.0005EPSS
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA...
7.5CVSS
7.5AI Score
0.0005EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0004EPSS
The Html5 Video Player WordPress plugin before 2.5.19 does not sanitise and escape some of its player settings, which combined with missing capability checks around the plugin could allow any authenticated users, such as low as subscribers to perform Stored Cross-Site Scripting attacks against...
5.4CVSS
5.2AI Score
0.0004EPSS
An improper handling of a malformed API answer packets to API clients in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS) situation. To exploit this vulnerability an attacker has to replace an existing API server e.g. through Man-in-the-Middle...
5.9CVSS
5.7AI Score
0.001EPSS
An improper handling of a malformed API request to an API server in Bosch BT software products can allow an unauthenticated attacker to cause a Denial of Service (DoS)...
7.5CVSS
7.5AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ternstyle LLC Automatic Youtube Video Posts Plugin allows Stored XSS.This issue affects Automatic Youtube Video Posts Plugin: from n/a through...
5.9CVSS
5.4AI Score
0.0004EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mr. Hdwplayer HDW Player Plugin (Video Player & Video Gallery) allows Reflected XSS.This issue affects HDW Player Plugin (Video Player & Video Gallery): from n/a through...
7.1CVSS
6.5AI Score
0.0005EPSS
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network...
6.5CVSS
6.5AI Score
0.0004EPSS
Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user to conduct a disclosure of information via network...
4.9CVSS
4.7AI Score
0.0005EPSS
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network...
7.1CVSS
6AI Score
0.0005EPSS
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network...
8.8CVSS
8.8AI Score
0.0005EPSS
Memory corruption while submitting a large list of sync points in an AUX command to the...
Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL...
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected...
8.4CVSS
7.8AI Score
0.0004EPSS
Transient DOS while parsing WPA IES, when it is passed with length more than expected...
7.5CVSS
7.5AI Score
0.0004EPSS
8.4CVSS
7.8AI Score
0.0004EPSS
7.5CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.1CVSS
5.6AI Score
0.0004EPSS
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management...
7.5CVSS
7.5AI Score
0.0004EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
7.5CVSS
7.5AI Score
0.0005EPSS
7.5CVSS
7.5AI Score
0.0005EPSS