426 matches found
CVE-2026-49246
Jellyfin is an open source self hosted media server. Prior to 10.11.10, a specifically crafted MKV file containing forged filename tags can be leveraged to exploit missing path sanitization during playback. Jellyfin treats the MKV file name tag on MKV attachments as trusted and passes it...
CVE-2026-49246 Jellyfin: Potential MKV attachment filename path traversal to RCE
Jellyfin is an open source self hosted media server. Prior to 10.11.10, a specifically crafted MKV file containing forged filename tags can be leveraged to exploit missing path sanitization during playback. Jellyfin treats the MKV file name tag on MKV attachments as trusted and passes it...
CVE-2026-49246
Jellyfin is an open source self hosted media server. Prior to 10.11.10, a specifically crafted MKV file containing forged filename tags can be leveraged to exploit missing path sanitization during playback. Jellyfin treats the MKV file name tag on MKV attachments as trusted and passes it...
Astra Linux – Vulnerability in gst-plugins-good1.0
DOS: Potential heap overwrite during MKV demuxing using BZIP decompression. Integer overflow in the Matroskademux element within the BZIP decompression function can cause a segfault, or it may lead to a heap overwrite, depending on the libc and operating system used. Depending on the libc used an...
Astra Linux – Vulnerability in gst-plugins-good1.0
DOS: Potential heap overwrite during MKV demuxing using LZO decompression. Integer overflow in the Matroskademux element within the LZO decompression function can cause a segfault, or potentially a heap overwrite, depending on the libc and operating system. Depending on the libc used and the...
MiracleLinux 9 : gstreamer1-plugins-good-1.18.4-6.el9 (AXSA:2023-5649:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5649:01 advisory. gstreamer-plugins-good: Potential heap overwrite in gstmatroskademuxaddwvpkheader CVE-2022-1920 gstreamer-plugins-good: Heap-based buffer overflow i...
CVE-2019-12874
An issue was discovered in zlibdecompressextra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free...
EUVD-2019-5275
Malware in sbrugna...
EUVD-2019-5262
Malware in sbrugna...
EUVD-2017-4322
Malware in sbrugna...
EUVD-2020-19206
Malware in sbrugna...
EUVD-2011-3847
Malware in sbrugna...
EUVD-2019-5261
Malware in sbrugna...
EUVD-2019-5378
Malware in sbrugna...
EUVD-2017-4339
Malware in sbrugna...
EUVD-2017-4319
Malware in sbrugna...
EUVD-2020-3476
Malware in sbrugna...
EUVD-2011-2987
Malware in sbrugna...
EUVD-2020-3547
Malware in sbrugna...
EUVD-2017-4321
Malware in sbrugna...