Lucene search
K

214 matches found

CNVD
CNVD
added 2018/06/04 12:0 a.m.2 views

Yestv camera has an override access vulnerability

Yestv yestv camera is wireless network wifi smart monitor. The yestv camera is vulnerable to an override access vulnerability. With the obtained address and username password, an attacker can exploit the vulnerability to obtain video information from the camera...

6.7AI score
Exploits0
CNVD
CNVD
added 2017/03/03 12:0 a.m.4 views

Yandex Browser for iOS Security Bypass Vulnerability

Yandex Browser for iOS is an iOS-based browser from the Russian company Yandex. A security vulnerability exists in Yandex Browser for iOS versions prior to 16.10.0.2357, which stems from the program's failure to properly restrict the handling of facetime:// URLs. A remote attacker can exploit the...

6.5CVSS6.7AI score0.01516EPSS
Exploits0References1
OSV
OSV
added 2017/03/01 3:59 p.m.4 views

CVE-2016-8507

Yandex Browser for iOS before 16.10.0.2357 does not properly restrict processing of facetime:// URLs, which allows remote attackers to initiate facetime-call without user's approval and obtain video and audio data from a device via a crafted web site...

6.5CVSS5.8AI score0.01516EPSS
Exploits0References2
Veracode
Veracode
added 2017/02/03 7:58 a.m.35 views

Denial Of Service (DoS)

FFMpeg is vulnerable to denial of service DoS attacks and possibly other attacks. These attacks are possible because of a off-by-one error in smc.c leads to out-of-bounds access through the use of Quicktime Graphics aka SMC video data...

7.5CVSS8.3AI score0.02395EPSS
Exploits0References6Affected Software1
Veracode
Veracode
added 2017/02/03 4:52 a.m.26 views

Denial Of Service (DoS)

FFmpeg is vulnerable to denial of service DoS attacks. These attacks are caused by the vmddecode function not validating the relationship between the length value and the frame width. These attacks can be caused through Sierra VMD video data...

7.5CVSS8.3AI score0.01969EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2017/02/03 4:37 a.m.26 views

Denial Of Service (DoS)

FFmpeg is vulnerable to denial of service DoS attacks. These attacks are possible because FFmpeg does not check for a zero value of a slice height in utvideodec.c. This leads to an out-of-bounds array access through Ut Video data...

7.5CVSS5.7AI score0.02395EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/03/31 12:0 a.m.10 views

The vulnerabilities of the software platforms Flash Player and Adobe Integrated Runtime allow attackers to trigger service failures or execute arbitrary code.

The vulnerabilities of the Flash Player and Adobe Integrated Runtime programs are caused by buffer overflows. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code or trigger service failures such as dereferencing uninitialized pointers or memory corruption using...

9.3CVSS8.3AI score0.07152EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/03/25 12:0 a.m.10 views

The vulnerabilities of Adobe Integrated Runtime and Flash Player software allow a perpetrator to execute arbitrary code.

The vulnerability of Adobe Integrated Runtime and Flash Player programs relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted MPEG-4 data...

9.3CVSS8.1AI score0.07659EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/03/17 12:0 a.m.8 views

The vulnerabilities of Adobe Integrated Runtime and Flash Player software allow a perpetrator to execute arbitrary code.

The vulnerability of Adobe Integrated Runtime and Flash Player programs relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted MPEG-4 data...

9.3CVSS8.1AI score0.07926EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/03/17 12:0 a.m.6 views

The vulnerability of the Flash Player software allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the Flash Player software arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure such as reading beyond the memory limit or memory corruption using specially crafted MPEG-4 data...

9.3CVSS8.5AI score0.06292EPSS
Exploits2References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2016/03/17 12:0 a.m.5 views

The vulnerability of the Flash Player software allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the Flash Player software arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure such as reading beyond the memory limit or memory corruption using specially crafted MPEG-4 data...

9.3CVSS8.5AI score0.06292EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2015/12/27 3:59 a.m.18 views

CVE-2015-8253

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive 1 message or 2 MJPEG video data by sniffing the network...

4.3CVSS4.3AI score0.00651EPSS
Exploits1References2
Cvelist
Cvelist
added 2015/12/27 2:0 a.m.25 views

CVE-2015-8253

The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive 1 message or 2 MJPEG video data by sniffing the network...

4.4AI score0.00651EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2015/12/14 12:0 a.m.5 views

The vulnerability of the FFmpeg multimedia library, which allows a hacker to trigger a service failure

The vulnerability of the ffhevcparsesps function in the libavcodec/hevcps.c multimedia library of FFmpeg exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by using specially crafted HEVC data...

7.5CVSS7.7AI score0.02412EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2015/12/09 12:0 a.m.5 views

PT-2016-1407 · Adobe +1 · Integrated Runtime +1

Name of the Vulnerable Software and Affected Versions: Adobe Integrated Runtime affected versions not specified Description: The issue is caused by a buffer overflow. It may allow a remote attacker to execute arbitrary code or cause a denial of service out-of-bounds memory read, memory corruption...

10CVSS9.3AI score0.43408EPSS
Exploits21References195
Positive Technologies
Positive Technologies
added 2015/12/09 12:0 a.m.4 views

PT-2016-1406 · Adobe +1 · Integrated Runtime +2

Name of the Vulnerable Software and Affected Versions: Adobe Integrated Runtime and Flash Player affected versions not specified Description: The issue is related to the use of memory after it has been freed, which can be exploited by a remote attacker using specially crafted MPEG-4 data to execu...

10CVSS9.1AI score0.43408EPSS
Exploits21References194
Positive Technologies
Positive Technologies
added 2015/12/09 12:0 a.m.4 views

PT-2016-1405 · Adobe +1 · Integrated Runtime +2

Name of the Vulnerable Software and Affected Versions: Adobe Integrated Runtime and Flash Player affected versions not specified Description: The issue is related to the use of memory after it has been freed, which can be exploited by a remote attacker using specially crafted MPEG-4 data to execu...

10CVSS9.1AI score0.43408EPSS
Exploits21References193
OSV
OSV
added 2015/11/26 12:0 a.m.3 views

UBUNTU-CVE-2015-8364

Integer overflow in the ffiviinitplanes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 allows remote attackers to cause a denial of service out-of-bounds heap-memory access or possibly have unspecified other impact via crafted image dimensions in...

6.8CVSS7.4AI score0.02069EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.33 views

Mageia: Security Advisory (MGASA-2015-0249)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.1AI score0.024EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2015/10/14 12:0 a.m.14 views

The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code or cause a service failure

The vulnerability of the MPEG4Extractor::parseChunk function in the libstagefright library of the Android operating system is related to integer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using specially crafted MPEG-4...

10CVSS6.3AI score0.89782EPSS
Exploits0References3
Rows per page
Query Builder