FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in FFmpeg version 7.1 and earlier versions, which originates from the ffaacsearchfortns function in the libavcodec/aacenctns.c file of the AAC Encoder...

PT-2025-15608 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Media Encoder versions 25.1, 24.6.4 and earlier Description: The issue is an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user...

PT-2025-15609 · Adobe · Media Encoder

Name of the Vulnerable Software and Affected Versions: Media Encoder versions 25.1, 24.6.4 and earlier Description: The issue is a Heap-based Buffer Overflow that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, whe...

libx264 安全漏洞

VideoLAN libx264 is a very popular H.264/AVC video encoder from VideoLAN. A security vulnerability exists in libx264 that stems from the presence of an improperly freed AAC file memory, which can lead to arbitrary code execution...

[SECURITY] Fedora 41 Update: libheif-1.19.5-3.fc41

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

[SECURITY] Fedora 40 Update: jpegxl-0.8.4-1.fc40

This package contains a reference implementation of JPEG XL encoder and decoder...

CVE-2024-45560

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer...

CVE-2019-5127

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in...

CVE-2019-5129

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in...

CVE-2019-5128

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in...

CVE-2024-45560

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer...

CVE-2024-45560

CVE-2024-45560 affects Qualcomm chipsets (Snapdragon) with a hardware encoder when taking a snapshot. The root cause is memory corruption caused by an unvalidated userspace buffer in the snapshot path. The vulnerability is described with local attack vector, high impact to confidentiality, integr...

CVE-2024-45560 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while taking a snapshot with hardware encoder due to unvalidated userspace buffer...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from an unverified user space buffer and memory corruption when taking snapshots using a hardware encoder...

PT-2025-2710 · Qualcomm · Snapdragon +34

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs when taking a snapshot with a hardware encoder. This corruption is caused by an unvalidated userspace...

PT-2025-14366

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns out-of-bound accesses in the Linux kernel, specifically in the drm/amd/display component. The problem arises because hpo stream to link encoder mapping has a size of M...

[SECURITY] Fedora 41 Update: jpegxl-0.10.4-1.fc41

This package contains a reference implementation of JPEG XL encoder and decoder...

OESA-2025-1079 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: ext4: don't set SBRDONLY after filesystem errors When the filesystem is mounted with errors=remount-ro, we were setting SBRDONLY flag to stop all filesystem...

PT-2025-7657

Name of the Vulnerable Software and Affected Versions FFmpeg versions up to 7.1 Description A critical vulnerability was found in FFmpeg, affecting the function ff aac search for tns of the file libavcodec/aacenc tns.c of the component AAC Encoder. The manipulation leads to a stack-based buffer...

SUSE CVE-2024-56608

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21linkencodercreate' An issue was identified in the dcn21linkencodercreate function where an out-of-bounds access could occur when the hpdsource index was used to reference the...