53 matches found
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation by Codecs, which could allow remote attackers to exploit cross-source data throug...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability, which was caused by improper implementation of the Media component. This vulnerability could allow remote attackers to bypass the origin policy using...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.179 contained a security vulnerability caused by GFX type confusion, which could allow remote attackers to achieve sandbox escape through specially crafted video files...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability. This vulnerability stemmed from excessive reading by WebCodecs, which could allow remote attackers to execute out-of-bound memory reads through...
AlmaLinux 9 : nginx:1.26 (ALSA-2026:7343)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7343 advisory. nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files CVE-2026-32647 NGINX: NGINX: Denial of Service or file modification via...
CVE-2026-6362
CVE-2026-6362 involves a memory safety defect in Google Chrome’s Codecs component (Chromium). A use-after-free in Codecs could enable a remote attacker to cause out-of-bounds memory access by parsing a specially crafted video file. The issue affects Chrome/Chromium releases prior to the patched b...
RLSA-2026:6907 Important: nginx:1.24 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files CVE-2026-32647 NGINX: NGINX: Denial of Service or file...
RHEL 9 : nginx (RHSA-2026:7002)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7002 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...
nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files
A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability caused by Media integer overflow. This vulnerability could allow remote attackers to exploit heap corruption through specially crafted video...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability due to insufficient Media data validation. This vulnerability could allow remote attackers to perform out-of-bound memory reads through specially crafted vid...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability caused by Media integer overflow. This vulnerability could allow remote attackers to exploit heap corruption through specially crafted video...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability caused by Media integer overflow. This vulnerability could allow remote attackers to exploit heap corruption through specially crafted video...
Important: nginx:1.24 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files CVE-2026-32647 NGINX: NGINX: Denial of Service or file...
nginx security update
2:1.26.3-2.0.1.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-6 - Resolves: RHEL-157874 CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files 2:1.26.3-5 - Resolves: RHEL-159433 CVE-2026-27651 nginx: NGINX: Denial of Service via...
CVE-2019-25645 WinAVI iPod 3GP MP4 PSP Converter 4.4.2 Denial of Service
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows local attackers to crash the application by processing malformed AVI files. Attackers can create a specially crafted AVI file with an oversized buffer and load it through the Convert to iPhone function ...
CVE-2019-25617 Ease Audio Converter 5.30 Denial of Service via Audio Cutter
Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the application by processing malformed MP4 files. Attackers can create a crafted MP4 file containing an oversized buffer and load it through the Audio Cutter...
CVE-2019-25617
The CVE-2019-25617 entry involves Ease Audio Converter 5.30, specifically the Audio Cutter function. A crafted MP4 file with an oversized buffer can be loaded via the Audio Cutter interface, enabling a local attacker to crash the application (denial of service). The issue is described as a local,...
CVE-2019-25617 Ease Audio Converter 5.30 Denial of Service via Audio Cutter
Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function that allows local attackers to crash the application by processing malformed MP4 files. Attackers can create a crafted MP4 file containing an oversized buffer and load it through the Audio Cutter...
EUVD-2008-3813
Malware in sbrugna...