Lucene search
K

1263 matches found

OSV
OSV
added 2026/07/06 6:26 a.m.4 views

OESA-2026-2827 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A use-after-free...

6.5CVSS6.1AI score0.00245EPSS
Exploits0References2
Circl
Circl
added 2026/07/01 2:48 a.m.5 views

CVE-2026-53214

creationtimestamp| type| source ---|---|--- 2026-07-01 02:48:37+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0812 2026-07-03 16:12:45+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqwsxy6vu2f...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References2
Circl
Circl
added 2026/07/01 2:47 a.m.6 views

CVE-2026-53150

creationtimestamp| type| source ---|---|--- 2026-07-01 02:47:52+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0812 2026-07-06 06:49:33+00:00| seen| https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities20260706...

5.5CVSS5.9AI score0.00128EPSS
Exploits0References2
Circl
Circl
added 2026/07/01 2:46 a.m.7 views

CVE-2026-52915

creationtimestamp| type| source ---|---|--- 2026-07-01 02:46:55+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0812 2026-07-06 06:24:01+00:00| seen| https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities20260706...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/19 10:55 a.m.9 views

EUVD-2026-38004

A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker could exploit this by...

6.5CVSS6AI score0.00245EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 10:55 a.m.48 views

CVE-2026-12706

CVE-2026-12706 , in FFmpeg’s RASC video decoder, is a heap use-after-free in the decode_move() path. The decoder initializes a read pointer into a decompressed buffer, but the buffer is reallocated during move-table processing, leaving the pointer dangling. An attacker could craft an AVI file wit...

6.5CVSS6AI score0.00245EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.20 views

PT-2026-50871

Name of the Vulnerable Software and Affected Versions FFmpeg affected versions not specified Description A use-after-free issue exists in the RASC video decoder. The decode move function initializes a read pointer into a decompressed buffer; however, a subsequent reallocation of that buffer durin...

6.5CVSS6AI score0.00245EPSS
Exploits0References8
OSV
OSV
added 2026/06/10 11:30 a.m.9 views

USN-8130-3 gst-plugins-base1.0 vulnerability

USN-8130-1 fixed a vulnerability in GStreamer Base Plugins. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that GStreamer Base Plugins incorrectly handled certain AVI media files. A remote attacker could use this issue to cause...

7.8CVSS7.7AI score0.00867EPSS
Exploits0References2
OSV
OSV
added 2026/06/02 11:59 a.m.9 views

USN-8130-2 gst-plugins-base1.0 vulnerability

USN-8130-1 fixed a vulnerability in GStreamer Base Plugins. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GStreamer Base Plugins incorrectly handled certain AVI media files. A remote attacker could use th...

7.8CVSS7.4AI score0.00867EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2026/06/02 11:59 a.m.13 views

USN-8130-2: GStreamer Base Plugins vulnerability

USN-8130-1 fixed a vulnerability in GStreamer Base Plugins. This update provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: It was discovered that GStreamer Base Plugins incorrectly handled certain AVI media files. A remote attacker could use th...

7.8CVSS7.4AI score0.00867EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.14 views

RockyLinux 10 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (RLSA-2026:19024)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19024 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...

8.8CVSS6.4AI score0.00867EPSS
Exploits0References15
Rockylinux
Rockylinux
added 2026/05/28 3:43 p.m.18 views

gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

An update is available for gstreamer1-plugins-ugly-free, gstreamer1-plugins-bad-free, gstreamer1-plugins-good, gstreamer1-plugins-base. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.8CVSS7.7AI score0.00867EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.17 views

TencentOS Server 3: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good (TSSA-2026:0391)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0391 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in ffmpeg

A memory corruption issue in the mpegmuxwritepacket function in libavformat/mpegenc.c of FFmpeg 4.2 can lead to a denial of service DOS attack through a specially crafted AVI file...

6.5CVSS6.3AI score0.00917EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2026/05/19 1:24 p.m.15 views

GStreamer: GStreamer: Arbitrary code execution via RIFF palette integer overflow in AVI file handling

A flaw was found in GStreamer. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. The flaw exists within the handling of palette data in AVI files, where a lack of proper validation of user-supplied data can lead to an integer overflow...

7.8CVSS7.6AI score0.00867EPSS
Exploits0References6
OSV
OSV
added 2026/05/19 12:0 a.m.10 views

ALSA-2026:19180 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS6.4AI score0.00867EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/19 12:0 a.m.10 views

RHEL 9 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free (RHSA-2026:19180)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19180 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References16
OSV
OSV
added 2026/05/19 12:0 a.m.12 views

ALSA-2026:19024 Important: gstreamer1-plugins-bad-free, gstreamer1-plugins-base, gstreamer1-plugins-good, and gstreamer1-plugins-ugly-free security update

GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer:...

8.8CVSS7.7AI score0.00867EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/05/18 7:58 p.m.11 views

CVE-2018-25323

Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH...

8.6CVSS6.4AI score0.00138EPSS
Exploits0References1
NVD
NVD
added 2026/05/17 1:16 p.m.11 views

CVE-2018-25322

Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the...

8.6CVSS0.00148EPSS
Exploits0References4
Rows per page
Query Builder