Lucene search
+L

1254 matches found

Nuclei
Nuclei
added yesterday13 views

Schneider Electric U.motion Builder - SQL Injection

The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter. id: CVE-2018-7765 info: name: Schneider Electric U.motion...

8.8CVSS8.2AI score0.02917EPSS
Exploits3References2
Chainguard
Chainguard
added 2026/07/09 8:31 p.m.7 views

CVE-2026-10532 vulnerabilities

Vulnerabilities for packages: airbyte-server-fips, s3proxy-fips, nextflow, nacos, zookeeper, keycloak-config-cli, nacos-docker, kafbat-ui-fips, cassandra, dependency-track-apiserver, s3proxy, apache-nifi-registry, apache-nifi, sonar-scanner-cli, management-api-for-apache-cassandra-4.0, thingsboar...

6.3CVSS5.1AI score0.00342EPSS
Exploits0
Chainguard
Chainguard
added 2026/07/09 8:31 p.m.21 views

GHSA-JHQ6-GFMJ-V8FX vulnerabilities

Vulnerabilities for packages: airbyte-server-fips, s3proxy-fips, nextflow, nacos, zookeeper, keycloak-config-cli, nacos-docker, kafbat-ui-fips, cassandra, dependency-track-apiserver, s3proxy, apache-nifi-registry, apache-nifi, sonar-scanner-cli, management-api-for-apache-cassandra-4.0, thingsboar...

5.3AI score
Exploits0
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.33 views

CVE-2026-36909

A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.0012EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 12:0 a.m.16 views

CVE-2026-36909

Summary of CVE-2026-36909 (MPC-BE): A NULL pointer dereference in the AP4_TkhdAtom::GetTrackId() function in Aleksoid1978 MPC-BE prior to commit 4341cb3 allows a crafted MP4 file to trigger a Denial of Service. Affected component: MPC-BE (Aleksoid1978). Root cause: NULL pointer dereference in Get...

6.2CVSS5.8AI score0.0012EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/06/30 12:0 a.m.9 views

The vulnerability of the gf_isom_add_track_kind() function in the isomedia/isom_write.c file, implemented by the MP4Box encoder for the GPAC multimedia platform, allows a malicious actor to cause service interruptions using a specially created MP4 file.

The vulnerability of the gfisomaddtrackkind function in the isomedia/isomwrite.c file, belonging to the MP4Box encoder of the GPAC multimedia platform, is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause service failures through the use of a...

7.8CVSS5.9AI score0.00352EPSS
Exploits1References7Affected Software2
OSV
OSV
added 2026/06/23 4:16 p.m.4 views

DEBIAN-CVE-2025-55639

GPAC MP4Box v2.4 was discovered to contain a NULL pointer dereference in the gfisomaddtrackkind function at isomedia/isomwrite.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.5CVSS5.9AI score0.00352EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.23 views

PT-2026-51526

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A NULL pointer dereference exists in the gf isom add track kind function within the isomedia/isom write.c file. This issue allows a remote attacker to trigger a Denial of Service DoS by processing a speciall...

7.8CVSS5.8AI score0.00352EPSS
Exploits1References16
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2025-210143

A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.2AI score0.00188EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2025-210153

A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.2AI score0.00188EPSS
Exploits1References3
NVD
NVD
added 2026/06/15 8:16 p.m.9 views

CVE-2025-55663

A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS0.00188EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.11 views

PT-2026-49280

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A segmentation violation in the Track SetStreamDescriptor function within the isomedia/track.c file allows attackers to cause a Denial of Service DoS by providing a specially crafted MP4 file. Recommendation...

5.5CVSS5.9AI score0.00188EPSS
Exploits1References4
OSV
OSV
added 2026/06/15 12:0 a.m.4 views

CVE-2025-55663

A segmentation violation in the TrackSetStreamDescriptor function isomedia/track.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.9AI score0.00188EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/06/15 12:0 a.m.10 views

CVE-2025-55643

A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.2AI score0.00188EPSS
Exploits1References1
OSV
OSV
added 2026/06/15 12:0 a.m.4 views

CVE-2025-55643

A NULL pointer dereference in the TrackWriter handling component filters/muxisom.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

5.5CVSS5.9AI score0.00188EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.16 views

CVE-2026-7740

A security vulnerability has been detected in justdan96 tsMuxer up to 2.7.0. This issue affects the function VvcVpsUnit::setFPS of the file tsMuxer/vvc.cpp. Such manipulation of the argument trackid leads to denial of service. An attack has to be approached locally. The exploit has been disclosed...

4.8CVSS4.8AI score0.00113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.9 views

CVE-2026-7739

A weakness has been identified in justdan96 tsMuxer up to 2.7.0. This vulnerability affects the function HevcVpsUnit::setFPS of the file /AFLplusplus/tsMuxerprev/tsMuxer/hevc.cpp. This manipulation of the argument trackid causes denial of service. The attack requires local access. The exploit has...

4.8CVSS5AI score0.00113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.11 views

CVE-2026-5451

The Extensions for Leaflet Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'elevation-track' shortcode in all versions up to, and including, 4.14. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

6.4CVSS5.7AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:11 p.m.12 views

CVE-2026-44482

soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an HTML payload executed locally in the Electron app. This means attacker-controlled SoundCloud track metadata can lead to local command execution on...

9.6CVSS5.8AI score0.00336EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

libheif 缓冲区错误漏洞

LibHEIF is a open-source decoder and encoder for the ISO/IEC 23008-12:2017 HEIF file format developed by Struktur. Versions of LibHEIF prior to 1.21.2 contain a buffer error vulnerability. This vulnerability arises from the fact that the number of samples declared in the saiz frame exceeds the...

8.1CVSS6AI score0.00302EPSS
Exploits1References2
Rows per page
Query Builder