983 matches found
CVE-2026-8529
CVE-2026-8529 describes a heap buffer overflow in Chrome/Chromium Codecs that can allow a remote attacker to execute arbitrary code inside the sandbox via a crafted video file. Affected software: Google Chrome (prior to 148.0.7778.168). Root cause: heap buffer overflow in Codecs. Impact: remote c...
CVE-2026-8529
Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. Chromium security severity: High...
Division by zero
Overview Affected versions of this package are vulnerable to Division by zero in the qtdemuxaudiocaps function of the isomp4 plugin when parsing MP4 audio tracks. An attacker can cause a denial of service by supplying crafted atom data that triggers an integer division by zero. Remediation A fix...
PT-2026-41102
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description An integer overflow in Codecs allows a remote attacker to potentially perform a sandbox escape by using a crafted video file. Recommendations Update to version 148.0.7778.168 or later...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability caused by a heap buffer overflow issue in the Codecs component. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a buffer overflow vulnerability, which was caused by an out-of-bounds write issue in the Codecs component. This vulnerability could allow remote attackers to execute a sandbox escap...
RHEL 9 : nginx:1.24 (RHSA-2026:15943)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:15943 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage...
CVE-2026-7933
Out of bounds read in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. Chromium security severity: Medium...
CVE-2026-7933
CVE-2026-7933 describes an out-of-bounds read in WebCodecs affecting Google Chrome before 148.0.7778.96. A remote attacker could trigger memory read via a crafted video file. The issue is mitigated by updating to version 148.0.7778.96 or later. Connected sources from NVD, Debian OSV, ENISA EUVD, ...
CVE-2026-7933
Out of bounds read in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. Chromium security severity: Medium...
CVE-2026-7933
Out of bounds read in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. Chromium security severity: Medium...
nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files
A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...
PT-2026-38126
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An out of bounds read in WebCodecs allows a remote attacker to perform an out of bounds memory read by using a crafted video file. Recommendations Update to version 148.0.7778.96 or lat...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of mcchroma in the motion.cc library. This vulnerability allows attackers to cause a Denial of Service DoS attack by using a specially crafted video file...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the ffhevcputhevcepelpixels8sse function in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a crafted video file...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the putepel16fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...
Astra Linux – Vulnerability in libde265
It was discovered that Libde265 v1.0.8 contains an unknown vulnerability through the ffhevcputhevcqpelh3v3sse function in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...
SUSE CVE-2013-3245
plugins/demux/libmkvplugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted MKV file, possibly involving an integer overflow and out-of-bounds read or heap-based buffer...
EUVD-2026-25253
Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...