27 matches found
SUSE CVE-2019-9719
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a...
MAL-2025-5636 Malicious code in ass-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d9179dab2c24e4e6a26ba920c58d4c057745bfaf4cf851a377864974a3fdfd1a The OpenSSF Package Analysis project identified 'ass-frontend' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in ass-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d9179dab2c24e4e6a26ba920c58d4c057745bfaf4cf851a377864974a3fdfd1a The OpenSSF Package Analysis project identified 'ass-frontend' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
libass: Denial of service
Background: libass is a portable subtitle renderer for the ASS/SSA (Advanced Substation Alpha/Substation Alpha) subtitle format. Description: A one-byte buffer overwrite in ASS font decoding could trigger an assertion failure resulting in denial of service. Impact: An attacker with control over the AS...
Fedora: Security Advisory for libass (FEDORA-2022-2af150223a)
The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 34 Update: libass-0.15.2-1.fc34
Libass is a portable library for SSA/ASS subtitles rendering...
[SECURITY] Fedora 33 Update: mediainfo-21.03-1.fc33
MediaInfo CLI (Command Line Interface). What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio: codec, sample rate, channels, language, bitrate... Text: language of subtitle Chapters: number of...
DEBIAN-CVE-2020-26682
In libass 0.14.0, the ass_outline_construct()'s call to outline_stroke() causes a signed integer overflow...
UBUNTU-CVE-2020-26682
In libass 0.14.0, the ass_outline_construct()'s call to outline_stroke() causes a signed integer overflow...
ass-reinigungen.ch Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1167726 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website...
The vulnerability of the `ff_htmlmarkup_to_ass` function in the FFmpeg multimedia library allows a hacker to induce a service failure.
The vulnerability of the `ff_htmlmarkup_to_ass` function in the FFmpeg multimedia library relates to reading data beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by using a specially crafted Matroska format video file...
PT-2019-19819 · FFmpeg · Libav
Name of the Vulnerable Software and Affected Versions: Libav version 12.3 Description: A stack-based buffer overflow issue exists in the subtitle decoder of Libav, potentially allowing attackers to corrupt the stack via a crafted video file in Matroska format. This issue arises from the misuse of...
[SECURITY] Fedora 29 Update: libmediainfo-19.04-1.fc29
This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio:...
[SECURITY] Fedora 30 Update: libmediainfo-19.04-1.fc30
This package contains the shared library for MediaInfo. MediaInfo supplies technical and tag information about a video or audio file. What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio:...
ass-media.de XSS vulnerability
Open Bug Bounty ID: OBB-644956. Affected Website: ass-media.de; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
ass-team.net XSS vulnerability
Open Bug Bounty ID: OBB-623416. Affected Website: ass-team.net; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
ass-cat.com XSS vulnerability
Open Bug Bounty ID: OBB-592641. Affected Website: ass-cat.com; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
ALPINE-CVE-2016-7969
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."...
UBUNTU-CVE-2016-7969
The wrap_lines_smart function in ass_render.c in libass before 0.13.4 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."...
[SECURITY] Fedora 23 Update: libass-0.13.4-1.fc23
Libass is a portable library for SSA/ASS subtitles rendering...