Suprema BioStar <2.8.2 - Local File Inclusion

Suprema BioStar before 2.8.2 Video Extension allows remote attackers can read arbitrary files from the server via local file inclusion. id: CVE-2020-15050 info: name: Suprema BioStar 2.8.2 - Local File Inclusion author: gy741 severity: high description: Suprema BioStar before 2.8.2 Video Extensio...

CVE-2026-34577 Postiz: Unauthenticated Full-Read SSRF via /public/stream Endpoint with Trivially Bypassable Extension Check

Postiz is an AI social media scheduling tool. Prior to version 2.21.3, the GET /public/stream endpoint in PublicController accepts a user-supplied url query parameter and proxies the full HTTP response back to the caller. The only validation is url.endsWith'mp4', which is trivially bypassable by...

EUVD-2023-32913

Malicious code in bioql PyPI...

EUVD-2023-32914

Malicious code in bioql PyPI...

EUVD-2022-35375

Malicious code in bioql PyPI...

EUVD-2022-40625

Malicious code in bioql PyPI...

EUVD-2022-35399

Malicious code in bioql PyPI...

EUVD-2025-20598

Malicious code in bioql PyPI...

PT-2025-39387

Name of the Vulnerable Software and Affected Versions EmbedVideo Extension versions prior to 4.0.0 Description The EmbedVideo Extension for MediaWiki, which includes a parser function called ev and parser tags for embedding video clips, contains a flaw. Versions 4.0.0 and earlier permit the...

CVE-2025-48806

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally...

CVE-2025-48805

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally...

CVE-2025-48805

Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally...

CVE-2025-48806

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally...

CVE-2025-48806 Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability

...

CVE-2025-48805 Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability

...

CVE-2025-48805

CVE-2025-48805 describes a heap-based buffer overflow in the Microsoft MPEG-2 Video Extension that could allow an authorized local attacker to execute code. The provided Connected Documents do not supply additional technical details (no vendor, product version, root-cause, specific vulnerable com...

Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability

Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally...

PT-2025-28539 · Microsoft · Mpeg-2 Video Extension +1

Name of the Vulnerable Software and Affected Versions: Microsoft MPEG-2 Video Extension affected versions not specified Description: The issue is related to a use after free condition in the Microsoft MPEG-2 Video Extension, which allows an authorized attacker to execute code locally...

Microsoft MPEG-2 Video Extension 资源管理错误漏洞

Microsoft MPEG-2 Video Extension is a Microsoft Corporation USA playback of MPEG video in popular video applications on Windows 10 devices. A resource management error vulnerability exists in Microsoft MPEG-2 Video Extension. An attacker exploiting this vulnerability could remotely execute code...

PT-2025-28538 · Microsoft · Mpeg-2 Video Extension +1

Name of the Vulnerable Software and Affected Versions: Microsoft MPEG-2 Video Extension affected versions not specified Description: The issue is related to a heap-based buffer overflow in the Microsoft MPEG-2 Video Extension, which allows an authorized attacker to execute code locally...