Lucene search
K

6 matches found

OSV
OSV
added 2026/06/12 12:26 p.m.7 views

OESA-2026-2665 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: When calculating the...

8.7CVSS5.8AI score0.00172EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/27 3:10 p.m.10 views

CVE-2026-44353 Streamlink: Arbitrary local file read via file:// URI in HLS and DASH

Streamlink is a CLI utility which pipes video streams from various services into a video player. Prior to 8.4.0, Streamlink's HLS and DASH parsers do not validate the URI scheme of segment entries and other resources. A remote .m3u8 HLS playlist or .mpd DASH manifest can list file:///path/to/file...

6.5CVSS5.8AI score0.00345EPSS
Exploits1References1
Snyk
Snyk
added 2025/10/06 8:44 a.m.3 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the resolvecontentpath process. An attacker can cause a write operation to occur one byte past the end of a heap-allocated buffer by crafting a specially designed MPEG-DASH manifest that triggers the appending of ...

8.7CVSS6.8AI score0.00172EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/06 12:0 a.m.6 views

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg that stems from an out-of-bounds NUL byte write in the content path calculation when processing MPEG-DASH manifests, which could lead to memory...

8.7CVSS4.8AI score0.00172EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/22 12:0 a.m.4 views

PT-2025-40874

Name of the Vulnerable Software and Affected Versions Software versions prior to 8.0 Description An issue exists in the handling of MPEG-DASH manifests where an out-of-bounds NUL-byte write occurs one byte past the end of the buffer. This happens during the calculation of the content path. The...

8.7CVSS6.6AI score0.00172EPSS
Exploits0References56
Veracode
Veracode
added 2024/03/11 5:19 a.m.19 views

Null Pointer Deference

libgpac.so is vulnerable to Null Pointer Deference. The vulnerability is due to the gfdashsetupperiod function within dashclient.c which has no validation when parsing DASH manifest files to ensure values are non-null before accessing their properties. This flaw allow attackers to craft malicious...

9.8CVSS6.9AI score0.01101EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder