Lucene search
K

116 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.4 views

SUSE CVE-2013-1928

The dovideosetspupalette function in fs/compatioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEOSETSPUPALETTE ioctl call on a /dev/dvb device...

4.7CVSS6AI score0.0035EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.4 views

SUSE CVE-2019-18675

The Linux kernel through 5.3.13 has a startoffset+size Integer Overflow in cpia2remapbuffer in drivers/media/usb/cpia2/cpia2core.c because cpia2 has its own mmap implementation. This allows local users with /dev/video0 access to obtain read and write permissions on kernel physical pages, which ca...

6.6CVSS6.5AI score0.00533EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:6 a.m.2 views

SUSE CVE-2019-18683

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during...

7CVSS7.2AI score0.00985EPSS
Exploits1References17
OSV
OSV
added 2022/06/28 6:54 p.m.7 views

GSD-2022-1003222 video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove()

video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xxgcuprobe/remove This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.47 by...

7.2AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/06/28 2:15 p.m.2 views

CVE-2022-30563

When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet...

7.4CVSS5.8AI score0.00856EPSS
Exploits1References2
CNVD
CNVD
added 2020/06/05 12:0 a.m.5 views

Castel NextGen DVR Cross-Site Request Forgery Vulnerability

Castel NextGen DVR is a network video device. A cross-site request forgery vulnerability exists in Castel NextGen DVR v1.0.0. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could use this vulnerability to...

6.5CVSS6.5AI score0.00644EPSS
Exploits2References1
CNVD
CNVD
added 2020/06/05 12:0 a.m.9 views

Castel NextGen DVR Management Feature Elevation of Privilege Vulnerability

Castel NextGen DVR is a network video device. A security vulnerability exists in the Castel NextGen DVR management feature that allows a remote attacker can exploit the vulnerability to submit a special request that can elevate privileges and gain administrator privileges...

8.8CVSS7AI score0.02018EPSS
Exploits3References1
OSV
OSV
added 2019/11/25 2:15 p.m.3 views

DEBIAN-CVE-2019-18675

The Linux kernel through 5.3.13 has a startoffset+size Integer Overflow in cpia2remapbuffer in drivers/media/usb/cpia2/cpia2core.c because cpia2 has its own mmap implementation. This allows local users with /dev/video0 access to obtain read and write permissions on kernel physical pages, which ca...

7.8CVSS6.8AI score0.00533EPSS
Exploits1References1
OSV
OSV
added 2019/11/25 2:15 p.m.3 views

UBUNTU-CVE-2019-18675

The Linux kernel through 5.3.13 has a startoffset+size Integer Overflow in cpia2remapbuffer in drivers/media/usb/cpia2/cpia2core.c because cpia2 has its own mmap implementation. This allows local users with /dev/video0 access to obtain read and write permissions on kernel physical pages, which ca...

7.8CVSS6.7AI score0.00533EPSS
Exploits1References6
OSV
OSV
added 2019/11/04 4:15 p.m.2 views

DEBIAN-CVE-2019-18683

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during...

7CVSS6.8AI score0.00985EPSS
Exploits1References1
OSV
OSV
added 2019/11/04 4:15 p.m.4 views

UBUNTU-CVE-2019-18683

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during...

7CVSS6.8AI score0.00985EPSS
Exploits1References10
OSV
OSV
added 2017/04/24 6:59 a.m.2 views

DEBIAN-CVE-2010-5321

Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service memory consumption by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability...

4.3CVSS7AI score0.00401EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2017/04/24 12:0 a.m.22 views

PT-2017-4905 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.x through 4.x Description: The issue is a memory leak in the videobuf subsystem, specifically in the drivers/media/video/videobuf-core.c file. This allows local users to cause a denial of service by consuming memory...

10CVSS7AI score0.16908EPSS
Exploits118References809
CNVD
CNVD
added 2016/06/06 12:0 a.m.1 views

Remote Command Execution Vulnerability in the $format Parameter of the Video Device System of Clearstream Xun (Beijing) Technology Co.

StreamOcean, Inc. is the world's leading high-technology company dedicated to delivering high-definition interactive video over the Internet, with its fully independent intellectual property rights in the StreamOcean Video Delivery Network SOVDN, which provides the infrastructure for full video...

7.4AI score
Exploits0References1
OSV
OSV
added 2016/05/23 12:0 a.m.2 views

UBUNTU-CVE-2016-4568

drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a crafted number of planes in a VIDIOCDQBUF ioctl call...

7.8CVSS6.9AI score0.00357EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2013/11/20 4:57 p.m.5 views

Kernel: information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE

The dovideosetspupalette function in fs/compatioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEOSETSPUPALETTE ioctl call on a /dev/dvb device...

4.7CVSS7.1AI score0.0035EPSS
Exploits0References4
Rows per page
Query Builder