EUVD-2023-47924

Malicious code in bioql PyPI...

EUVD-2023-47933

Malicious code in bioql PyPI...

CLSA-2025-1759431860 kernel: Fix of 40 CVEs

ASoC: topology: Clean up route loading CVE-2024-41069 - ASoC: topology: Fix references to freed memory CVE-2024-41069 - drm/dpmst: Fix MST sideband message body length check CVE-2024-56616 - Bluetooth: L2CAP: Fix not validating setsockopt user input CVE-2024-35965 - Bluetooth: L2CAP:...

CVE-2023-53497 media: vsp1: Replace vb2_is_streaming() with vb2_start_streaming_called()

In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2isstreaming with vb2startstreamingcalled The vsp1 driver uses the vb2isstreaming function in its .bufqueue handler to check if the .startstreaming operation has been called, and decide whether to just add...

SUSE CVE-2023-53425

In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...

CVE-2023-53425

In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...

UBUNTU-CVE-2023-53425

In the Linux kernel, the following vulnerability has been resolved: media: platform: mediatek: vpu: fix NULL ptr dereference If pdev is NULL, then it is still dereferenced. This fixes this smatch warning: drivers/media/platform/mediatek/vpu/mtkvpu.c:570 vpuloadfirmware warn: address of NULL point...

CVE-2025-43349

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted video file may lead to...

CVE-2025-43349

CVE-2025-43349 describes an out-of-bounds write in media processing that may cause an app to terminate when handling a malicious video file. The Apple security content lists affected components (e.g., CoreMedia and CoreAudio entries) and notes that the issue is fixed by updating to newer OS relea...

About the security content of iOS 18.7 and iPadOS 18.7

About the security content of iOS 18.7 and iPadOS 18.7 This document describes the security content of iOS 18.7 and iPadOS 18.7. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

PT-2025-33660 · Gnu +1 · Gpac +1

Уязвимость функции gf ac4 pres b 4 back channels present утилиты MP4Box мультимедийной платформы GPAC связана с разыменованием нулевого указателя. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании...

CVE-2025-27042

Memory corruption while processing video packets received from video firmware...

CVE-2025-27042 Incorrect Calculation of Buffer Size in Video

Memory corruption while processing video packets received from video firmware...

openh264: Heap Overflow

Background OpenH264 is a codec library which supports H.264 encoding and decoding. It is suitable for use in real time applications such as WebRTC. Description A vulnerability has been discovered in openh264. Please review the CVE identifiers referenced below for details. Impact A vulnerability i...

CVE-2025-43200

This issue was addressed with improved checks. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, visionOS 2.3.1, watchOS 11.3.1. A logic issue existed...

CVE-2024-27873

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Processing a maliciously crafted video file may lead to unexpected app...

CVE-2022-25653

Information disclosure in video due to buffer over-read while processing avi file in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

Comparing Video Processing Units (VPUs), GPUs, and CPUs

More users than ever subscribe to on-demand media streaming and engage with live streaming video over the internet, rather than broadcast television...

nginx: specially crafted MP4 file may cause denial of service

A flaw was found in the ngxhttpmp4module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service...

SUSE-SU-2025:1477-1 Security update for libva

This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: uncontrolled search path may allow an authenticated user to escalate privilege via local access CVE-2023-39929, bsc1224413, jscPED-11066 This includes latest version of one of the...