PT-2025-23229 · Navidrome · Navidrome

Name of the Vulnerable Software and Affected Versions: Navidrome versions prior to 0.56.0 Description: A permission verification flaw in Navidrome allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including...

navidrome -- transcoding permission bypass vulnerability

Deluan Quintão reports: A permission verification flaw in Navidrome allows any authenticated regular user to bypass authorization checks and perform administrator-only transcoding configuration operations, including creating, modifying, and deleting transcoding settings...

Scale Transcoding and AI Workloads with GPU Kubernetes Clusters

...

Qnap QTS Remote Code Execution (CVE-2017-13067)

QNAP has patched a remote code execution vulnerability affecting the QTS Media Library in all versions prior to QTS 4.2.6 build 20170905 and QTS 4.3.3.0299 build 20170901. This particular vulnerability allows a remote attacker to execute commands on a QNAP NAS using a transcoding service on port...

CVE-2024-34731

In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

How To Lower Your Live Video Transcoding Costs

...

Lower Video Transcoding Costs with Dedicated Linode Instances

Discover how to slash video transcoding costs by 33% with dedicated compute instances and learn effective strategies to reduce egress fees and optimize VM utilization...

Ateme TITAN File 3.9 - SSRF File Enumeration

Exploit Title: Ateme TITAN File 3.9 - SSRF File Enumeration Exploit Author: LiquidWorm Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.9.12.4 3.9.11.0 3.9.9.2 3.9.8.0 Summary: TITAN File is a multi-codec/format video transcoding software, for mezzanine, STB and ABR VOD,...

Ateme TITAN File 3.9 Job Callbacks SSRF File Enumeration

Summary TITAN File is a multi-codec/format video transcoding software, for mezzanine, STB and ABR VOD, PostProduction, Playout and Archive applications. TITAN File is based on ATEME 5th Generation STREAM compression engine and delivers the highest video quality at minimum bitrates with accelerate...

Weak Password Vulnerability in MTS Transcoding Server of Suzhou Kodak Technology Co.

Ltd. is a leading provider of video and security products and solutions, committed to video conferencing, video surveillance and a wealth of video application solutions to help all kinds of government and enterprise customers to solve the visual communication and management challenges. A weak...

Ltd. Huawei digital security video transcoding access gateway information leakage vulnerabilities

Ltd. business scope includes: computer software, hardware and accessories technology development, sales, technical advice, technical maintenance; computer system integration; database. Shenzhen Huawei Digital Security Technology Co., Ltd. Huawei Digital Security video transcoding access gateway...

Weak Password Vulnerability in Transcoding Server Configuration Management System of Zhejiang YUV Technology Co.

Founded in 2011, Zhejiang Yusi Technology Co., Ltd Yusi is a global solution provider for public safety and intelligent transportation. A weak password vulnerability exists in the configuration management system of the transcoding server of Zhejiang YUV Technology Co. Ltd, which can be exploited ...

File Upload Vulnerability in Seven Bears Library System v3.4

Seven bears is similar to Baidu library, can realize the document sharing, selling library CMS system. After the user uploads the source document, seven bears will automatically transcode the document into HTML, after the success of the document HTML back to the library CMS. to realize...

Arbitrary File Read Vulnerability in MTS Transcoding Server of Suzhou Kedar Technology Co.

Ltd. is a provider of video and security products and solutions, dedicated to video conferencing, video surveillance and video application solutions to help various government and enterprise customers to solve visual communication and management challenges. An arbitrary file read vulnerability...

FreeBSD : asterisk -- Remote Crash Vulnerability in audio transcoding (7d53d8da-d07a-11e9-8f1a-001999f8d30b)

The Asterisk project reports : When audio frames are given to the audio transcoding support in Asterisk the number of samples are examined and as part of this a message is output to indicate that no samples are present. A change was done to suppress this message for a particular scenario in which...

Asterisk Audio Transcoding DoS Vulnerability (AST-2019-005)

Asterisk is prone to a denial of service vulnerability in audio transcoding. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

asterisk -- Remote Crash Vulnerability in audio transcoding

The Asterisk project reports: When audio frames are given to the audio transcoding support in Asterisk the number of samples are examined and as part of this a message is output to indicate that no samples are present. A change was done to suppress this message for a particular scenario in which...

Video - Critical - Remote Code Execution - SA-CONTRIB-2019-037

This module provides a field where editors can add videos to their content and this module offers functionality to transcode these videos to different sizes and formats. The module doesn't sufficiently sanitize some user input on administrative forms...

Subsonic cross-site scripting vulnerability (CNVD-2018-20096)

Subsonic is a media file hosting platform developed and maintained by software developer Sindre Mehus. A cross-site scripting vulnerability exists in the settings of the translation code in Subsonic version 6.1.1. A remote attacker can exploit the vulnerability by sending multiple parameters to t...

Cross site scripting

An issue was discovered in Subsonic 6.1.1. The transcoding settings are affected by five stored cross-site scripting vulnerabilities in the namex, sourceformatsx, targetFormatx, step1x, and step2x parameters where x is an integer to transcodingSettings.view that could be used to steal session...