15 matches found
CVE-2025-68622
Espressif ESP-IDF USB Host UVC Class Driver allows video streaming from USB cameras. Prior to 2.4.0, a vulnerability in the esp-usb UVC host implementation allows a malicious USB Video Class UVC device to trigger a stack buffer overflow during configuration-descriptor parsing. When UVC...
CVE-2025-40016
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVCINVALIDENTITYID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. Each Unit and Terminal within the video function is assigned a unique...
Windows USB Video Class System Driver Information Disclosure Vulnerability
Generation of error message containing sensitive information in Windows USB Video Driver allows an authorized attacker to disclose information locally...
Microsoft Windows USB Video Class driver 缓冲区错误漏洞
Microsoft Windows USB Video Class driver is a driver for webcams or digital camcorders from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows USB Video Class driver. An attacker could exploit the vulnerability to obtain sensitive information. The following produc...
kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
A vulnerability was found in the Linux kernel's USB Video Class driver. A buffer for video frame data is allocated, which does not account for all of the frame formats contained in a video stream, leading to an out-of-bounds write when a stream includes frames with an undefined format. An attacke...
kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
A vulnerability was found in the Linux kernel's USB Video Class driver. A buffer for video frame data is allocated, which does not account for all of the frame formats contained in a video stream, leading to an out-of-bounds write when a stream includes frames with an undefined format. An attacke...
kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
A vulnerability was found in the Linux kernel's USB Video Class driver. A buffer for video frame data is allocated, which does not account for all of the frame formats contained in a video stream, leading to an out-of-bounds write when a stream includes frames with an undefined format. An attacke...
kernel: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format
A vulnerability was found in the Linux kernel's USB Video Class driver. A buffer for video frame data is allocated, which does not account for all of the frame formats contained in a video stream, leading to an out-of-bounds write when a stream includes frames with an undefined format. An attacke...
PT-2024-8153 · Microsoft · Windows Usb Video Class Driver +1
Name of the Vulnerable Software and Affected Versions: Windows USB Video Class Driver affected versions not specified Description: The issue is related to a buffer overflow in memory, allowing an attacker to potentially elevate their privileges. This could affect the system, enabling the attacker...
Microsoft Windows USB Video Class driver 缓冲区错误漏洞
Microsoft Windows USB Video Class driver is a driver for webcams or digital camcorders from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows USB Video Class driver. An attacker could exploit the vulnerability to elevate privileges. The following products and...
Microsoft Windows USB Video Class driver 缓冲区错误漏洞
Microsoft Windows USB Video Class driver is a driver for webcams or digital camcorders from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows USB Video Class driver. An attacker could exploit the vulnerability to elevate privileges. The following products and...
Microsoft Windows USB Video Class driver 缓冲区错误漏洞
Microsoft Windows USB Video Class driver is a driver for webcams or digital camcorders from Microsoft Corporation USA. A buffer error vulnerability exists in Microsoft Windows USB Video Class driver. An attacker could exploit the vulnerability to elevate privileges. The following products and...
kernel: avoid cyclic entity chains due to malformed USB descriptors
A flaw linked list corruption in the Linux kernel for USB Video Class driver functionality was found in the way user connects web camera to the USB port. A local user could use this flaw to crash the system...
CVE-2020-0404
A flaw linked list corruption in the Linux kernel for USB Video Class driver functionality was found in the way user connects web camera to the USB port. A local user could use this flaw to crash the system. Mitigation To mitigate this issue, prevent the module uvcvideo from being loaded. Please...
Debian DLA-1862-1 : linux security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2019-2101 Andrey Konovalov discovered that the USB Video Class driver uvcvideo did not consistently handle a type field in device descriptors, whic...