Debian: Security Advisory (DLA-2136-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2136-1 : libvpx security update

It was discovered that there was an out-of-bounds buffer read vulnerability in libvpx, a library implementing the VP8 & VP9 video codecs. For Debian 8 'Jessie', this issue has been fixed in libvpx version 1.3.0-3+deb8u3. We recommend that you upgrade your libvpx packages. NOTE: Tenable Network...

EulerOS 2.0 SP8 : libvpx (EulerOS-SA-2020-1185)

According to the version of the libvpx package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libvpx provides the VP8/VP9 SDK, which allows you to integrate your applications with the VP8 and VP9 video codecs, high quality, royalty free, open...

Fedora: Security Advisory for libvpx (FEDORA-2020-6cd410d9e4)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: libvpx-1.8.2-1.fc30

libvpx provides the VP8/VP9 SDK, which allows you to integrate your applica tions with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs deployed on millions of computers and devices worldwide...

OPENSUSE-SU-2020:0024-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues: ffmpeg-4 was updated to version 4.0.5, fixes boo1133153 - CVE-2019-11339: The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 allowed remote attackers to cause a denial of service out-of-array access or possibly have...

[SECURITY] Fedora 31 Update: libvpx-1.8.2-1.fc31

libvpx provides the VP8/VP9 SDK, which allows you to integrate your applica tions with the VP8 and VP9 video codecs, high quality, royalty free, open source codecs deployed on millions of computers and devices worldwide...

Spelevo exploit kit debuts new social engineering trick

2019 has been a busy year for exploit kits, despite the fact that they haven't been considered a potent threat vector for years, especially on the consumer side. This time, we discovered the Spelevo exploit kit with its virtual pants down, attempting to capitalize on the popularity of adult...

Microsoft Windows Codecs Library Information Disclosure (CVE-2018-8506)

An information disclosure vulnerability exists in Windows Codecs Library. The vulnerability is due to improper handling of objects in memory. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted image file. Successful exploitation could result in the...

Design/Logic Flaw

DISPUTED An issue was discovered in wcd9335codecenabledec in sound/soc/codecs/wcd9335.c in the Linux kernel through 5.1.5. It uses kstrndup instead of kmemdupnul, which allows attackers to have an unspecified impact via unknown vectors. NOTE: The vendor disputes this issues as not being a...

[SECURITY] Fedora 29 Update: libmediainfo-18.12-3.fc29

This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio:...

[SECURITY] Fedora 28 Update: libmediainfo-18.12-3.fc28

This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio:...

CVE-2019-8378

An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4BitStream::ReadBytes in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a Denial of Service...

CVE-2019-8378

The CVE-2019-8378 entry covers Bento4 1.5.1-628 with a heap-based buffer over-read in AP4_BitStream::ReadBytes() (Codecs/Ap4BitStream.cpp). A crafted file sent to the aac2mp4 binary can trigger a Segmentation fault, causing a Denial of Service, with possible unspecified other impact. Connected re...

CVE-2019-7699

A heap-based buffer over-read occurs in AP4BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted mp4 input, which leads to a denial of service...

CVE-2019-7699

The CVE-2019-7699 issue affects Bento4 (v1.5.1-627). A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes (Codecs/Ap4BitStream.cpp), which remote attackers can exploit by supplying crafted MP4 input to trigger an exception and cause a denial of service. Public sources consistently de...

The vulnerability of the Microsoft Windows Codecs library in the Windows operating system allows a hacker to gain access to confidential information.

The vulnerability of the Microsoft Windows Codecs library in the Windows operating system is related to errors in memory object handling mechanisms. Exploiting this vulnerability can allow an attacker to access confidential information through a specially crafted image file...

#OTTuesday: Five Technologies Shaping the Future of OTT

The world of OTT is changing radically with new innovations, from player technologies to standards convergence, propelling the industry forward. As 2018 comes to a close, AkamaiTV sat down with DASH legend and Akamai's very own Will Law to get his pulse on the major trends and technologies that a...

CVE-2018-8506

An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka "Microsoft Windows Codecs Library Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019...

CVE-2018-8506

An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka "Microsoft Windows Codecs Library Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019...