Astra Linux - уязвимость в ffmpeg

A flaw was discovered in FFmpeg’s HLS playlist parsing. This vulnerability allows for a denial of service through a maliciously crafted HLS playlist, which triggers a null pointer dereference during initialization...

Ubuntu 16.04 LTS : FFmpeg vulnerability (USN-7890-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7890-1 advisory. It was discovered that FFmpeg did not properly handle the parsing of certain malformed HLS playlists. If a user were tricked into opening a specially crafted HLS...

JLSEC-2025-143 A flaw was found in FFmpeg's HLS playlist parsing

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization...

EUVD-2023-58826

Malicious code in bioql PyPI...

CVE-2025-1050

Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of...

CVE-2025-1050 Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability

Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of...

(Pwn2Own) Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of HLS playlist data. The issue results from the lack of proper validatio...

PT-2025-15879 · Sonos · Sonos Era 300

Name of the Vulnerable Software and Affected Versions: Sonos Era 300 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. The specific flaw exists within the processing of HLS playlist data, resulti...

Unspecified Vulnerability in Ffmpeg (CNVD-2025-01669)

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg. An attacker can exploit this vulnerability to commit a denial of service by triggering a null pointer dereference during initialization of a...

CVE-2023-6603

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization...

CVE-2023-6603

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization...

UBUNTU-CVE-2023-6603

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization...

CVE-2023-6603 Ffmpeg: null pointer dereference in ffmpeg hls parsing

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization...

SUSE CVE-2016-1897

FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming HLS M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file...

FFmpeg arbitrary file read vulnerability analysis-vulnerability warning-the black bar safety net

Vulnerability analysis The vulnerability was originally developed by neex submitted to the HackerOne platform, and eventually get a 1000$bonus, the original link is https://hackerone.com/reports/226756 the. According to the authors, the exploitability of the vulnerability in the FFmpeg can handle...

Vulnerability warning | FFmpeg aeration arbitrary file read vulnerability-vulnerability warning-the black bar safety net

Recently a white hat in the HackerOne platform reported by ffmpeg vulnerability using ffmpeg HLS playlist processing way, can lead to local file exposure. Vulnerability description 6 on 24 May, the HackerOne platform named neex the white hat for the Russian social networking site VK. com reported...

arxius: another local file disclosure via ffmpeg

Summary The fix for https://hackerone.com/reports/242831 can be easily bypassed. It looks like you've banned file:// substring, which is not enough. Repro steps 1. Download genavi.py attached and run the script like this: python3 genavi.py /etc/passwd mustsandboxffmpeg.avi.mp4. 2. Visit...

The vulnerability of the FFmpeg multimedia library allows attackers to read arbitrary files or carry out attacks aimed at replacing the source code.

The vulnerability of the FFmpeg multimedia library lies in the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to perform attacks aimed at replacing the source material or reading arbitrary files using the Concat protocol in the HTTP Live Streaming HLS...