CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2 days ago•31 views

CVE-2026-58049 FFmpeg - Out-of-Bounds Write in RASC Decoder decode_dlta()

8.8CVSS0.00278EPSS

NVD•added 2026/06/19 12:16 p.m.•13 views

CVE-2026-12706

A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker could exploit this by...

6.5CVSS0.00245EPSS

Exploits0References4

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the VP8 stateless decoder’s “smatch” warning. A “smatch” static checker warning was also fixed in vdecvp8reqif.c. This issue causes the kernel to crash when fb is set to NULL...

5.5CVSS6.1AI score0.00207EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in dav1d

An integer overflow occurs in the dav1d AV1 decoder, which can happen when decoding videos with a large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading to a version later than 1.4.0 of dav1d...

8.8CVSS6.7AI score0.01835EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: venus: vdec: A possible memory leak issue has been fixed. The implementation of venushelperallocdpbbufs allows for an early return on an error path when checking the ID from idaallocmin. This would prevent the earlier buff...

5.5CVSS6AI score0.00226EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Media: MediTech; vcodec: Fixed the H264 multi-stateless decoder’s match warning. A match static checker warning has been fixed in vdech264reqmultiif.c. This issue causes the kernel to crash when fb is NULL...

5.5CVSS6.1AI score0.00208EPSS

Positive Technologies•added 2026/02/23 12:0 a.m.•7 views

PT-2026-24787

Name of the Vulnerable Software and Affected Versions strukturag libheif versions up to 1.21.2 Description A flaw exists in strukturag libheif that allows for an out-of-bounds read. The issue resides in the vvdec push data2 function within the libheif/plugins/decoder vvdec.cc file of the HEIF Fil...

4.8CVSS5.6AI score0.00117EPSS

Exploits0References68

CNNVD•added 2026/02/20 12:0 a.m.•7 views

PJSIP 安全漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Versions of PJSIP 2.16 and earlier contained security vulnerabilities, which stemmed from a heap buffer...

9.3CVSS6.5AI score0.0029EPSS

ATTACKERKB•added 2026/02/12 5:41 p.m.•9 views

CVE-2024-36319

Debug code left active in AMD's Video Decoder Engine Firmware VCN FW could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system...

Cvelist•added 2026/02/12 5:41 p.m.•28 views

CVE-2024-36319

6.3CVSS0.00129EPSS

Exploits0References1

CVE•added 2026/02/12 5:41 p.m.•14 views

CVE-2024-36319

Summary: CVE-2024-36319 concerns debug code left active in AMD’s Video Decoder Engine Firmware (VCN FW). A crafted command could cause VCN FW to read/write HW registers, with potential impact to confidentiality, integrity, and availability. Affected component is the VCN FW in AMD graphics/VP-rela...

Vulnrichment•added 2026/02/12 5:41 p.m.•5 views

Exploits0References1

CVE-2024-36319

Positive Technologies•added 2026/02/12 12:0 a.m.•9 views

Exploits0References1

PT-2026-7876

Tenable Nessus•added 2026/01/22 12:0 a.m.•5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-47753)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47753 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix VP8 statele...

5.5CVSS6.6AI score0.00207EPSS

Tenable Nessus•added 2026/01/22 12:0 a.m.•5 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-47752)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47752 advisory. - In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix H264...

5.5CVSS6AI score0.00208EPSS

Redos•added 2025/11/17 12:0 a.m.•5 views

ROS-20251117-01

A vulnerability in the NVIDIA display driver is related to NULL pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Guest driver and Virtual GPU Manager components of the NVIDIA GPU driver is related to pointer...

5.5CVSS6.9AI score0.00205EPSS

Exploits0

Amazon•added 2025/11/05 12:0 a.m.•6 views

Important: nvidia-driver

Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use-after-free. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, and information disclosure. CVE-2025-23280...

7CVSS7.1AI score0.00224EPSS

Exploits0

SUSE CVE•added 2025/10/24 11:40 p.m.•6 views

SUSE CVE-2025-23345

NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an attacker might cause an out-of-bounds read. A successful exploit of this vulnerability might lead to information disclosure or denial of service...

4.4CVSS6.4AI score0.00146EPSS

EUVD•added 2025/10/23 9:31 p.m.•8 views

EUVD-2025-35724

4.4CVSS5.6AI score0.00146EPSS