103 matches found
SUSE SLED15 / SLES15 Security Update : ffmpeg-4 (SUSE-SU-2026:2445-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2445-1 advisory. This update for ffmpeg-4 fixes the following issues: Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File...
ffmpeg-4-4.4.7-2.1 on GA media (moderate)
ffmpeg-4-4.4.7-2.1 on GA media Announcement ID: openSUSE-SU-2026:10866-1 Rating: moderate Cross-References: CVE-2024-35366 CVE-2025-10256 CVE-2025-1594 CVE-2025-9951 CVSS scores: CVE-2024-35366 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2024-35366 SUSE : 6.9...
CVE-2026-1594
A security vulnerability has been detected in itsourcecode Society Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/addexpenses.php. The manipulation of the argument detail leads to sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-1594
creationtimestamp | type | source
---|---|---
2026-01-29 18:09:37+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdlf3asnx426...
Debian dsa-6007 : ffmpeg - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6007 advisory. Debian Security Advisory DSA-6007-1 https://www.debian.org/securit...
CVE-2025-1594 vulnerabilities
Vulnerabilities for packages: ffmpeg...
Advisory ROSA-SA-2025-2949
software: ffmpeg 4.4.6 OS: ROSA-CHROME unaffected versions = ffmpeg-4.4.6-1 affected versions ffmpeg-4.4.6-1 CVE-ID: CVE-2025-1594 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A buffer overflow vulnerability in FFmpeg allows a remote attacker to initiate an attack via the ff_aac_search_for_tns function in...
CVE-2022-1594
The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL...
CVE-2003-1594
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session...
Linux Distros Unpatched Vulnerability : CVE-2014-1594
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 might allow remote attackers to execute arbitrary...
CVE-2025-1594
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-1594 FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflow
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-1594
FFmpeg has a CVE-2025-1594 stack-based buffer overflow in the AAC Encoder (AACENC) via ff_aac_search_for_tns in libavcodec/aacenc_tns.c. It supports remote exploitation and the exploit has been disclosed publicly. Public advisories indicate affected software: FFmpeg up to 7.1. Debian has released...
Fedora 37 : admesh (2022-47e298b59f)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-47e298b59f advisory. Security fix for TALOS-2022-1594. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
CVE-2024-1594
creationtimestamp | type | source
---|---|---
2024-04-18 06:48:53+00:00 | seen | https://t.me/arpsyndicate/4711
2025-02-06 02:39:18+00:00 | seen | Telegram/r1wKJXjH2pTO0xeaSE1QheSc4QAYiX6QzNohFiLFxNX558lD...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +345 more potentially affected by CVE-2024-1594 via mlflow (>=0.8.2 <=2.9.2)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2024-1594 Source advisory: OSV:GHSA-M49C-5C52-6696...
CVE-2024-1594
A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the artifact_location parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component in the artifact location URI to read arbitrary files on the...
CVE-2024-1594
A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the artifact_location parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component in the artifact location URI to read arbitrary files on the...
CVE-2024-1594
CVE-2024-1594 is a path traversal vulnerability in mlflow/mlflow related to handling of artifact_location when creating an experiment. The connected OSV entry states that a fragment component # in the artifact URL can be used to bypass validation and allow reading arbitrary files on the server wi...
CVE-2024-1594 Local File Read via Path Traversal in mlflow/mlflow
A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the handling of the artifact_location parameter when creating an experiment. Attackers can exploit this vulnerability by using a fragment component in the artifact location URI to read arbitrary files on the...