Adobe After Effects has a stack overflow vulnerability

Adobe After Effects, abbreviated as "AE", is a graphic video processing software from Adobe, suitable for organizations engaged in design and video stunts, including television stations, animation production companies, individual post-production studios and multimedia studios. A stack overflow...

Heap Corruption Vulnerability in Adobe After Effects (CNVD-2021-29077)

Adobe After Effects, or "AE" for short, is a graphics and video processing software from Adobe, suitable for organizations engaged in design and video stunts, including television stations, animation production companies, individual post-production studios and multimedia studios. A heap corruptio...

Heap Corruption Vulnerability in Adobe After Effects (CNVD-2021-29078)

Adobe After Effects, or "AE" for short, is a graphics and video processing software from Adobe, suitable for organizations engaged in design and video stunts, including television stations, animation production companies, individual post-production studios and multimedia studios. A heap corruptio...

Memory corruption vulnerability exists in Adobe After Effects (CNVD-2021-26188)

Adobe After Effects is a graphic video processing software. A memory corruption vulnerability exists in Adobe After Effects, which can be exploited by attackers to cause a denial of service...

DEBIAN-CVE-2020-14410

SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file...

USN-4199-1 libvpx vulnerabilities

It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

PT-2019-6452 · FFmpeg +5 · Ffmpeg +5

Name of the Vulnerable Software and Affected Versions: FFmpeg version 4.2.1 Description: The issue is related to an integer overflow vulnerability in the filter16 roberts function of the libavfilter/vf convolution.c component in the FFmpeg library. This vulnerability can be exploited by a remote...

FaceTime - Texture Processing Memory Corruption

There is a memory corruption issue that occurs when processing a malformed RTP video stream in FaceTime. It appears to be related to processing textures. thread 7, stop reason = EXCBADACCESS code=EXCI386GPFLT frame 0: 0x00007fff56baaa92 CoreVideoCVMetalTextureBacking::releaseBackingUsage + 20 fra...

DEBIAN-CVE-2019-1000016

FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbsav1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be provided as input. This vulnerability appears to have been fixed in...

#OTTuesday: Who Wins in a Format War - A Chat with Encoding.com

If you asked anyone 10 years ago who the winner would be in the over online video formats, you would have heard some strong opinions -- and some incorrect predictions. Video standards and formats will continue to change as long as users demand new ways to view content. AkamaiTV's Nelson Rodriguez...

FaceTime - RTP Video Processing Heap Corruption

There is a memory corruption issue when processing a malformed RTP video stream in FaceTime that leads to a kernel panic due to a corrupted heap cookie or data abort. This bug can be reached if a user accepts a call from a malicious caller. This issue only affects FaceTime on iOS, it does not cra...

Hardware Acceleration for Linux endpoints with AMD GPUs

Starting from version 2.5,HDX RTME supports hardware acceleration for video compression on Linux thin clients or fat clients with AMD GPU. Specifically, for video encoding RTME uses VCE 2.0 or higher. Video decoding has limited support because of some technical limitations, and it is disabled in...

Memory Corruption Vulnerability in AVI Video Processing by AVI Star

Video Star is a video player. A memory corruption vulnerability exists in the AVI video processing of the AVI Star player. An attacker can cause the program to crash by constructing a malformed AVI video, which if successfully exploited can lead to arbitrary code execution...

Unspecified Vulnerability in Ffmpeg (CNVD-2017-20991)

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. There is an unspecified vulnerability in Ffmpeg, and no detailed vulnerability details are provided at this time...

arxius: another local file disclosure via ffmpeg

Summary The fix for https://hackerone.com/reports/242831 can be easily bypassed. It looks like you've banned file:// substring, which is not enough. Repro steps 1. Download genavi.py attached and run the script like this: python3 genavi.py /etc/passwd mustsandboxffmpeg.avi.mp4. 2. Visit...

Google Chrome < 56.0.2924.76 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 56.0.2924.76. It is, therefore, affected by multiple vulnerabilities as referenced in the 201701stable-channel-update-for-desktop advisory. - A use after free in Google Chrome prior to 56.0.2924.76 for Linux, Windows an...

PT-2017-1117 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 24.0.0.186 and earlier Description: The issue is caused by a heap overflow in memory when processing Flash Video files, which can allow a remote attacker to execute arbitrary code. This can occur when handling the...

FFmpeg Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A denial of service vulnerability exists in FFmpeg versions prior to 3.1.3, which allows attackers to exploit the vulnerability to cause a denial of service...

FFmpeg sws_init_context Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'swsinitcontext' function in the libswscale/utils.c file in versions of FFmpeg prior to 2.7.2, which stems from the program's failure to initialize th...

DEBIAN-CVE-2014-2263

The mpegtswritepmt function in the MPEG2 transport stream aka DVB muxer libavformat/mpegtsenc.c in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write...