175 matches found
Intel VPL 输入验证错误漏洞
Intel VPL is a video processing library from Intel Corporation USA . An input validation error vulnerability exists in Intel VPL versions prior to 24.1.4, which stems from an integer overflow. An attacker can exploit the vulnerability to elevate privileges...
CVE-2024-40841
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted video file may lead to unexpected app termination...
CVE-2024-27873
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8, macOS Monterey 12.7.6, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6. Processing a maliciously crafted video file may lead to unexpected app...
OESA-2024-1833 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: Integer overflow...
PT-2024-30693
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns handling an invalid decoder vsi in the vpu dec init function to ensure the decoder vsi is valid for future use. This is related to the media: mediatek: vcodec componen...
Intel Media SDK 和 Intel oneVPL software 安全漏洞
Intel Media SDK is a multimedia SDK software development kit from Intel Corporation USA. It is used for video encoding, decoding and processing in Windows and embedded Linux applications. A security vulnerability previously existed in Intel Media SDK and Intel oneVPL software version 23.3.5, whic...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from an information disclosure when parsing dts header atoms in video...
CVE-2024-31585
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avfshowspectrum.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
New Image/Video Prompt Injection Attacks
Simon Willison has been playing with the video processing capabilities of the new Gemini Pro 1.5 model from Google, and its really impressive. Which means a lot of scary new video prompt injection attacks. And remember, given the current state of technology, prompt injection attacks are impossibl...
AZL-62423 CVE-2023-6879 affecting package libao 1.2.0-24
Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1looprestorationdealloc...
The vulnerability of the cloud-based video conversion, annotation, and format conversion application for Adobe Prelude involves accessing an uninitialized pointer, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the cloud-based video conversion, annotation, and format conversion application for Adobe Prelude relates to access to an uninitialized pointer during processing of MP4 files. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected informati...
PT-2023-24066 · Mediatek +1 · Mt6883 +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a possible out of bounds write due to a missing bounds check in video processing. This could lead to local escalation of privile...
Fedora: Security Advisory (FEDORA-2023-ea65146fd4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: oneVPL-2023.3.1-1.fc39
The oneAPI Video Processing Library oneVPL provides a single video processi ng API for encode, decode, and video processing that works across a wide range of accelerators. The base package is limited to the dispatcher and samples. To use oneVPL for video processing you need to install at least on...
[SECURITY] Fedora 39 Update: oneVPL-intel-gpu-23.3.4-2.fc39
Intel oneVPL GPU Runtime is a Runtime implementation of oneVPL API for Intel Gen GPUs. Runtime provides access to hardware-accelerated video decode, encode and filtering...
libvpx: crash related to VP9 encoding in libvpx
A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a w...
[SECURITY] Fedora 37 Update: oneVPL-2023.3.1-1.fc37
The oneAPI Video Processing Library oneVPL provides a single video processi ng API for encode, decode, and video processing that works across a wide range of accelerators. The base package is limited to the dispatcher and samples. To use oneVPL for video processing you need to install at least on...
Fedora: Security Advisory for oneVPL (FEDORA-2023-b6aab4f954)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: oneVPL-2023.3.1-1.fc38
The oneAPI Video Processing Library oneVPL provides a single video processi ng API for encode, decode, and video processing that works across a wide range of accelerators. The base package is limited to the dispatcher and samples. To use oneVPL for video processing you need to install at least on...
libvpx: crash related to VP9 encoding in libvpx
A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a w...