23 matches found
EUVD-2005-1899
Malware in sbrugna...
EUVD-2024-45357
Malicious code in bioql PyPI...
EUVD-2024-25935
Malicious code in bioql PyPI...
EUVD-2024-45361
Malicious code in bioql PyPI...
EUVD-2024-42302
Malicious code in bioql PyPI...
CVE-2005-1897
Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and attack vectors...
CVE-2024-51485 Insufficient Validation in Plugins (Activation/Deactivation) in Ampache
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating plugins. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change...
CVE-2024-51486
Ampache (web-based audio/video streaming app and file manager) has a Stored Cross-Site Scripting vulnerability in the interface menu’s Custom URL - Favicon field. The input is not properly sanitized, allowing JavaScript execution. The issue is mitigated by upgrading to version 7.0.1, which is the...
CVE-2024-51489
Ampache (web-based audio/video streaming app and file manager) is affected by an insufficient CSRF token validation in its messaging feature. The root cause is the current token parsing/validation logic not adequately validating CSRF tokens when users send messages to one another, enabling potent...
CVE-2024-51489 Insufficient Message Token Validation in Ampache
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users send messages to one another. This vulnerability could be exploited to forge CSRF attacks, allowing an attacker to send messag...
CVE-2024-51490 Stored Cross-Site Scripting in Ampache
Ampache is a web based audio/video streaming application and file manager. This vulnerability exists in the interface section of the Ampache menu, where users can change "Custom URL - Logo". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript. Thi...
CVE-2024-47184
CVE-2024-47184 affects Ampache prior to version 6.6.0, where the Democratic Playlist Name is vulnerable to stored cross-site scripting. The issue is fixed in 6.6.0. Vulnerable component: Ampache web-based audio/video streaming application and file manager; root cause: stored XSS in Democratic Pla...
FFmpeg Buffer Overflow Vulnerability (CNVD-2024-29680)
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in FFmpeg version v.n6.1-3-g466799d4f5, which can be exploited by an attacker to execute arbitrary code via the avsamplessetsilence function in the...
CVE-2024-28853
Ampache is a web based audio/video streaming application and file manager. Stored Cross Site Scripting XSS vulnerability in ampache before v6.3.1 allows a remote attacker to execute code via a crafted payload to serval parameters in the post request of...
FFmpeg 安全漏洞
FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg Ffmpeg team. Ffmpeg suffers from a security vulnerability that stems from adtsdecodeextradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the initgetbits return value, a necessary step...
FFmpeg heap buffer overflow vulnerability (CNVD-2021-39762)
FFmpeg is a complete solution for recording, converting and streaming audio and video. A heap buffer overflow vulnerability exists in fffillrectangle in libavfilter/drawutils.c in FFmpeg version 4.2. An attacker could exploit this vulnerability to cause memory corruption...
FFmpeg heap buffer overflow vulnerability (CNVD-2021-39760)
FFmpeg is a complete solution for recording, converting and streaming audio and video. A heap buffer overflow vulnerability exists in filter16complexlow in libavfilter/vfw3fdif.c in FFmpeg version 4.2. An attacker could exploit this vulnerability to cause memory corruption...
CVE-2021-21399
Ampache is a web based audio/video streaming application and file manager. Versions prior to 4.4.1 allow unauthenticated access to Ampache using the subsonic API. To successfully make the attack you must use a username that is not part of the site to bypass the auth checks. For more details and...
CVE-2005-1897
Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and attack vectors...
CVE-2005-1897
Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and attack vectors...