CVE-2025-7895

A vulnerability, which was classified as critical, was found in harry0703 MoneyPrinterTurbo up to 1.2.6. Affected is the function uploadbgmfile of the file app/controllers/v1/video.py of the component File Extension Handler. The manipulation of the argument File leads to unrestricted upload. It i...

CVE-2025-7568

A vulnerability was found in qianfox FoxCMS up to 1.2.5. It has been classified as critical. Affected is the function batchCope of the file app/admin/controller/Video.php. The manipulation of the argument ids leads to sql injection. It is possible to launch the attack remotely. The exploit has be...

ROS-20250625-01

Vulnerability of ffhevcputweightedpredavg8sse function of h.265 Libde265 video codec implementation is related to operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service using a specially crafted vid...

The vulnerability of the demultiplexer for AVI files in the libavformat library of the Ffmpeg multimedia library allows a hacker to cause a service failure.

The vulnerability of the demultiplexer for AVI files in the libavformat library of the FFmpeg multimedia library is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-52613

A heap-based buffer under-read in tsMuxer version nightly-2024-05-12-02-01-18 allows attackers to cause Denial of Service DoS via a crafted MOV video file...

CVE-2024-40846

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. Processing a maliciously crafted video file may lead to unexpected app termination...

CVE-2024-57184

An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gfm2tsprocesspmt in mediatools/mpegts.c:2163 that can cause a denial of service DOS via a crafted MP4 file...

CVE-2024-44232

The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Parsing a maliciously crafted video file may lead to unexpected...

CVE-2024-44157

A stack buffer overflow was addressed through improved input validation. This issue is fixed in Apple TV 1.5.0.152 for Windows, iTunes 12.13.3 for Windows. Parsing a maliciously crafted video file may lead to unexpected system termination...

CVE-2024-41217

A heap-based buffer overflow in tsMuxer version nightly-2024-05-10-02-00-45 allows attackers to cause Denial of Service DoS via a crafted MKV video file...

CVE-2024-49776

A negative-size-param in tsMuxer version nightly-2024-04-05-01-53-02 allows attackers to cause Denial of Service DoS via a crafted TS video file...

CVE-2024-44234

The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Parsing a maliciously crafted video file may lead to unexpected...

CVE-2022-43248

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putweightedpredavg16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43249

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43235

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ffhevcputhevcepelpixels8sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43238

Libde265 v1.0.8 was discovered to contain an unknown crash via ffhevcputhevcqpelh3v3sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43240

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ffhevcputhevcqpelh2v1sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43250

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putqpel00fallback16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43252

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putepel16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2019-9720

A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c misuses snprintf...