CVE-2022-43239

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mcchroma in motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43237

Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43240

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ffhevcputhevcqpelh2v1sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43244

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43248

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putweightedpredavg16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43249

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putepelhvfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43253

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putunweightedpred16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43238

Libde265 v1.0.8 was discovered to contain an unknown crash via ffhevcputhevcqpelh3v3sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43243

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ffhevcputweightedpredavg8sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

CVE-2022-43252

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via putepel16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted video file...

Denial Of Service (DoS)

nginx is vulnerable to denial of service. The module ngxhttpmp4module allows a local attacker to cause a worker process to crash, trigger a memory disclosure by using a specially crafted audio or video file...

Denial Of Service (DoS)

nginx is vulnerable to denial of service. The vulnerability exists due to a memory corruption in ngxhttpmp4module when the mp4 directive is used in the configuration file which allows an attacker to cause an application crash using a specially crafted audio or video file...

FreeBSD : nginx -- Two vulnerabilities (676d4f16-4fb3-11ed-a374-8c164567ca3c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 676d4f16-4fb3-11ed-a374-8c164567ca3c advisory. - NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before...

CVE-2022-41743

NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttphlsmodule that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issue affects only NGINX Plus when...

Design/Logic Flaw

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttpmp4module that might allow a local attacker to corrupt NGINX worker memory, resulting in...

CVE-2022-41743 NGINX ngx_http_hls_module vulnerability CVE-2022-41743

NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttphlsmodule that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issue affects only NGINX Plus when...

CVE-2022-41743 NGINX ngx_http_hls_module vulnerability CVE-2022-41743

NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttphlsmodule that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issue affects only NGINX Plus when...

CVE-2022-41741

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttpmp4module that might allow a local attacker to corrupt NGINX worker memory, resulting in...

PT-2022-5185

Name of the Vulnerable Software and Affected Versions NGINX Open Source versions 1.23.2 and 1.22.1 and earlier NGINX Open Source Subscription versions R2 P1 and R1 P1 and earlier NGINX Plus versions R27 P1 and R26 P1 and earlier Description The issue is related to a buffer-over-read vulnerability...

The vulnerability of the Video microprogramming system component in Qualcomm’s embedded chips allows a hacker to trigger a service failure.

The vulnerability of the Video microprogramming software component in Qualcomm’s embedded chips relates to the lack of checks for buffer length and reading beyond the memory boundary when processing MP4 files. Exploiting this vulnerability can allow a remote attacker to cause service interruption...