1254 matches found
Schneider Electric U.motion Builder - SQL Injection
The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter. id: CVE-2018-7765 info: name: Schneider Electric U.motion...
CVE-2026-10532 vulnerabilities
Vulnerabilities for packages: airbyte-server-fips, s3proxy-fips, nextflow, nacos, zookeeper, keycloak-config-cli, nacos-docker, kafbat-ui-fips, cassandra, dependency-track-apiserver, s3proxy, apache-nifi-registry, apache-nifi, sonar-scanner-cli, management-api-for-apache-cassandra-4.0, thingsboar...
GHSA-JHQ6-GFMJ-V8FX vulnerabilities
Vulnerabilities for packages: airbyte-server-fips, s3proxy-fips, nextflow, nacos, zookeeper, keycloak-config-cli, nacos-docker, kafbat-ui-fips, cassandra, dependency-track-apiserver, s3proxy, apache-nifi-registry, apache-nifi, sonar-scanner-cli, management-api-for-apache-cassandra-4.0, thingsboar...
CVE-2026-36909
A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
CVE-2026-36909
Summary of CVE-2026-36909 (MPC-BE): A NULL pointer dereference in the AP4_TkhdAtom::GetTrackId() function in Aleksoid1978 MPC-BE prior to commit 4341cb3 allows a crafted MP4 file to trigger a Denial of Service. Affected component: MPC-BE (Aleksoid1978). Root cause: NULL pointer dereference in Get...
The vulnerability of the gf_isom_add_track_kind() function in the isomedia/isom_write.c file, implemented by the MP4Box encoder for the GPAC multimedia platform, allows a malicious actor to cause service interruptions using a specially created MP4 file.
The vulnerability of the gfisomaddtrackkind function in the isomedia/isomwrite.c file, belonging to the MP4Box encoder of the GPAC multimedia platform, is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause service failures through the use of a...
DEBIAN-CVE-2025-55639
GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...
PT-2026-51526
Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A NULL pointer dereference exists in the gf isom add track kind function within the isomedia/isom write.c file. This issue allows a remote attacker to trigger a Denial of Service DoS by processing a speciall...
EUVD-2025-210143
A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
EUVD-2025-210153
A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55663
A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
PT-2026-49280
Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A segmentation violation in the Track SetStreamDescriptor function within the isomedia/track.c file allows attackers to cause a Denial of Service DoS by providing a specially crafted MP4 file. Recommendation...
CVE-2025-55663
A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55643
A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2025-55643
A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...
CVE-2026-7740
A security vulnerability has been detected in justdan96 tsMuxer up to 2.7.0. This issue affects the function VvcVpsUnit::setFPS of the file tsMuxer/vvc.cpp. Such manipulation of the argument trackid leads to denial of service. An attack has to be approached locally. The exploit has been disclosed...
CVE-2026-7739
A weakness has been identified in justdan96 tsMuxer up to 2.7.0. This vulnerability affects the function HevcVpsUnit::setFPS of the file /AFLplusplus/tsMuxerprev/tsMuxer/hevc.cpp. This manipulation of the argument trackid causes denial of service. The attack requires local access. The exploit has...
CVE-2026-5451
The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...
CVE-2026-44482
soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app. This means attacker-controlled SoundCloud track metadata can lead to local command execution on...
libheif 缓冲区错误漏洞
LibHEIF is a open-source decoder and encoder for the ISO/IEC 23008-12:2017 HEIF file format developed by Struktur. Versions of LibHEIF prior to 1.21.2 contain a buffer error vulnerability. This vulnerability arises from the fact that the number of samples declared in the saiz frame exceeds the...