Lucene search
K

214 matches found

Redos
Redos
added 2023/10/16 12:0 a.m.29 views

ROS-20231016-02

Vulnerability of libvpx multimedia library is related to incorrect handling of exceptional states when processing certain special format video data. when processing certain special-format video data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of...

7.5CVSS6.7AI score0.01936EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/10/09 11:29 a.m.5 views

libvpx: crash related to VP9 encoding in libvpx

A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a w...

7.5CVSS7.8AI score0.01936EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/10/06 12:0 a.m.4 views

The vulnerability of the multimedia library libvpx arises from improper handling of exception states during the processing of certain special format video data. This vulnerability allows attackers to cause service failures.

The vulnerability of the multimedia library libvpx is related to incorrect processing of exception states during the processing of certain special format video data. Exploiting this vulnerability can allow a malicious actor to cause service failures through a specially created HTML page...

7.8CVSS6.8AI score0.01936EPSS
Exploits0References25Affected Software16
SUSE CVE
SUSE CVE
added 2023/02/15 5:19 a.m.2 views

SUSE CVE-2015-3334

browser/ui/websitesettings/websitesettings.cc in Google Chrome before 42.0.2311.90 does not always display "Media: Allowed by you" in a Permissions table after the user has granted camera permission to a web site, which might make it easier for user-assisted remote attackers to obtain sensitive...

4.3CVSS5.8AI score0.01451EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:47 a.m.1 views

SUSE CVE-2017-7718

hw/display/cirrusvgarop.h in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service out-of-bounds read and QEMU process crash via vectors related to copying VGA data via the cirrusbitbltropfwdtransp and cirrusbitbltropfwd functions...

5.5CVSS8.4AI score0.00499EPSS
Exploits0References17
CNNVD
CNNVD
added 2022/08/18 12:0 a.m.3 views

Intel Edge Insights for Industrial 安全漏洞

Intel Edge Insights for Industrial is a pre-validated, ready-to-deploy software reference design for video and time series data ingestion from Intel Corporation Intel. A security vulnerability exists in Intel Edge Insights for Industrial prior to version 2.6.1 that stems from improper access...

7.8CVSS7.4AI score0.00206EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/06/02 12:15 a.m.3 views

CVE-2022-29235

BigBlueButton is an open source web conferencing system. Starting in version 2.2 and prior to versions 2.3.18 and 2.4-rc-6, an attacker who is able to obtain the meeting identifier for a meeting on a server can find information related to an external video being shared, like the current timestamp...

5.3CVSS5.7AI score0.00974EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2022/06/01 12:0 a.m.7 views

PT-2022-19485 · Unknown · Bigbluebutton

Name of the Vulnerable Software and Affected Versions: BigBlueButton versions 2.2 through 2.3.17 BigBlueButton versions 2.4-rc-1 through 2.4-rc-5 Description: BigBlueButton is an open source web conferencing system. An attacker who is able to obtain the meeting identifier for a meeting on a serve...

5.3CVSS5AI score0.00974EPSS
Exploits0References11
vulnersOsv
vulnersOsv
added 2021/08/25 8:52 p.m.6 views

av-codec (>=0.1.0 <=0.2.1), av-format (>=0.1.0 <=0.3.0) +3 more potentially affected by CVE-2021-25904 via av-data (>=0.1.0 <=0.2.2)

av-data CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.1 - libaom =0.2.0 - libvpx =0.1.0 Source cves: CVE-2021-25904 Source advisory: OSV:GHSA-352P-RHVQ-7G78...

7.5CVSS7.1AI score0.01327EPSS
Exploits1
FireEye
FireEye
added 2021/08/17 12:0 p.m.113 views

Mandiant Discloses Critical Vulnerability Affecting Millions of IoT Devices

Today, Mandiant disclosed a critical risk vulnerability in coordination with the Cybersecurity and Infrastructure Security Agency “CISA” that affects millions of IoT devices that use the ThroughTek “Kalay” network. This vulnerability, discovered by researchers on Mandiant’s Red Team in late 2020,...

7.6CVSS8.5AI score0.02575EPSS
Exploits1References11
NVD
NVD
added 2020/09/25 4:23 a.m.16 views

CVE-2020-25748

A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras firmware versions v342, v339. Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NTP and RTSP...

8.1CVSS0.00844EPSS
Exploits0References1
Veracode
Veracode
added 2020/06/03 4:11 a.m.21 views

Arbitrary Code Execution

ffmpeg is vulnerable to arbitrary code execution. The vulnerability exists as the studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact...

8.8CVSS8.3AI score0.02751EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2020/04/23 12:0 a.m.1 views

Lazysizes Cross-Site Scripting Vulnerability

lazysizes is a lightweight inert loader. It is mainly used for delayed loading of content such as images, iframes and scripts. A security vulnerability exists in lazysizes 5.2.0 and earlier versions, which stems from the program's failure to clean up the following attributes: data-vimeo,...

5.4CVSS7AI score0.00889EPSS
Exploits1References1
OSV
OSV
added 2020/02/07 8:15 p.m.3 views

CVE-2020-6769

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway VSG allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded...

9.1CVSS7.3AI score0.02216EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/13 12:0 a.m.4 views

Unspecified Vulnerability in Apple iOS and iPadOS Photos Component

Apple iOS is an operating system for mobile devices developed by Apple. A security vulnerability exists in the Photos component of Apple iOS before 13.3 and iPadOS before 13.3. An attacker could exploit the vulnerability to share Live Photo audio and video data even if Live Photo is not enabled...

3.3CVSS6.3AI score0.00295EPSS
Exploits0References1
Prion
Prion
added 2019/05/29 7:29 p.m.20 views

Improper access control

A recently discovered security vulnerability affects all Bosch Video Management System BVMS versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System BIS with Video Engine, Access Professional Edition APE, Access Easy Controller AEC, Bosch Vide...

6.4CVSS9AI score0.01515EPSS
Exploits0References1Affected Software9
Positive Technologies
Positive Technologies
added 2019/05/29 12:0 a.m.5 views

PT-2019-18378 · Bosch · Configuration Manager +7

Name of the Vulnerable Software and Affected Versions: Bosch Video Management System BVMS versions 9.0 and below DIVAR IP versions 2000 through 7000 Configuration Manager affected versions not specified Building Integration System BIS with Video Engine affected versions not specified Access...

9.8CVSS9.4AI score0.01515EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2019/04/24 12:0 a.m.27 views

FFmpeg 4.x < 4.0.4, 4.1.x < 4.1.2 Denial of Service (DoS) Vulnerability

FFmpeg is prone to a denial of service vulnerability. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software...

8.8CVSS8.5AI score0.02751EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2019/04/18 12:0 a.m.24 views

CVE-2019-11339

The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via crafted MPEG-4 video data...

8.8CVSS7.2AI score0.02751EPSS
Exploits0References4
NVD
NVD
added 2019/03/01 5:29 a.m.13 views

CVE-2019-9483

Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door...

9.1CVSS9.1AI score0.00592EPSS
Exploits0References2
Rows per page
Query Builder