986 matches found
Information disclosure
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination...
Input validation
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution...
CVE-2022-42846
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination...
CVE-2022-46694
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution...
Debian DSA-5281-1 : nginx - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5281 advisory. It was discovered that parsing errors in the mp4 module of Nginx, a high-performance web and reverse proxy server, could result in denial of service, memory...
PT-2022-17455 · Qualcomm · Snapdragon Wearables +5
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions affected versions not specified Description: The issue is related to information disclosure in video due to a buffer over-read while parsing avi files. This affects various Qualcomm Snapdragon products, including...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : nginx vulnerabilities (USN-5722-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5722-1 advisory. It was discovered that nginx incorrectly handled certain memory operations in the ngxhttpmp4module module. A local...
CVE-2022-41742
A vulnerability was found in NGINX’s module, ngxhttpmp4module. This flaw allows a local attacker to cause a worker process crash or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products built with ngxhttpmp4module...
Denial Of Service (DoS)
libde265.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a heap-buffer-overflow in the putunweightedpred16fallback function in fallback-motion.cc, which allows a remote attacker to crash the application via a malicious video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service. The vulnerability exists due to a segmentation violation in the applysaointernal function of sao.cc which allows a remote attacker to crash the application via a malicious video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service DoS. A heap-based-buffer-overflow vulnerability is due the putepelhvfallback function in fallback-motion.cc, which allows a remote attacker to cause denial of service conditions via a crafted video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service. The vulnerability exists due to heap-buffer-overflow in the ffhevcputweightedpredavg8sse function in sse-motion.cc, which allows a remote attacker to crash the application via a malicious video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service DoS attacks. A heap-based-buffer-overflow vulnerability exists due the putqpel00fallback16 function i fallback-motion.cc, which allows a remote attacker to cause denial of service via a crafted video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service DoS. A heap-based-buffer-overflow vulnerability exists due to the function putweightedpredavg16fallback in fallback-motion.cc, which allows a remote attacker to cause denial of service via a crafted video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service DoS. A heap-based-buffer-overflow vulnerability exists due to the putqpelfallback function in fallback-motion.cc which allows a remote attacker to cause denial of service via a crafted video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service DoS attacks. A malicious user is able cause an application crash via a crafted video file through the ffhevcputhevcqpelh3v3sse function in sse-motion.cc...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service DoS attacks. A heap-based-buffer-overflow vulnerability exists due to the mcluma function in motion.cc, which allows a remote attacker to cause denial of service via crafted video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service. The vulnerability exists due to stack-buffer overflow in the putepelhvfallback function in fallback-motion.cc, allowing an attacker to crash the application through a maliciously crafted video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service. The vulnerability exists due to a stack-buffer overflow in the putqpelfallback function of fallback-motion.cc, allowing an attacker to crash the application through a maliciously crafted video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service. The vulnerability exists due to heap-buffer-overflow in the putepel16fallback function of fallback-motion.cc, allowing an attacker to crash the application through a maliciously crafted video file...