13 matches found
CVE-2020-12113
BigBlueButton before 2.2.4 allows XSS via closed captions because dangerouslySetInnerHTML in React is used...
EUVD-2020-4429
Malware in sbrugna...
gstreamer1-plugins-good: OOB-write in convert_to_s334_1a
A flaw was found in the GStreamer library. An out-of-bounds write in the MP4/MOV demuxer when handling CEA608 Closed Caption tracks can lead to crashes for certain input files. This vulnerability allows a malicious third party to trigger a crash of the application and perform code execution throu...
gstreamer1-plugins-good: OOB-write in convert_to_s334_1a
A flaw was found in the GStreamer library. An out-of-bounds write in the MP4/MOV demuxer when handling CEA608 Closed Caption tracks can lead to crashes for certain input files. This vulnerability allows a malicious third party to trigger a crash of the application and perform code execution throu...
gstreamer1-plugins-good: OOB-write in convert_to_s334_1a
A flaw was found in the GStreamer library. An out-of-bounds write in the MP4/MOV demuxer when handling CEA608 Closed Caption tracks can lead to crashes for certain input files. This vulnerability allows a malicious third party to trigger a crash of the application and perform code execution throu...
CVE-2020-12113
BigBlueButton before 2.2.4 allows XSS via closed captions because dangerouslySetInnerHTML in React is used...
CVE-2020-12113
BigBlueButton before 2.2.4 allows XSS via closed captions because dangerouslySetInnerHTML in React is used...
Cross site scripting
BigBlueButton before 2.2.4 allows XSS via closed captions because dangerouslySetInnerHTML in React is used...
CVE-2020-12113
BigBlueButton is affected by CVE-2020-12113: prior to version 2.2.4, the Web UI is vulnerable to cross-site scripting via closed captions because dangerouslySetInnerHTML is used in React. This vulnerability allows XSS as described in multiple sources (e.g., BigBlueButton’s 2.2.4 release notes and...
CVE-2020-12113
BigBlueButton before 2.2.4 allows XSS via closed captions because dangerouslySetInnerHTML in React is used...
BigBlueButton < 2.2.4 - Reflected Cross-Site Scripting (XSS)
XSS via closed captions because dangerouslySetInnerHTML in React is used...
Valve: Specially Crafted Closed Captions File can lead to Remote Code Execution in CS:GO and other Source Games
With a specially crafted closed captions file, the parser calls CHudCloseCaption::GetNoRepeatValue which in turn calls CHudCloseCaption::SplitCommand which has no boundary checks allowing the on stack variables cmd and args to be overflowed which in turn allows Remote Code Execution. Buffer...
January 31, 2018—KB4058258 (OS Build 16299.214)
January 31, 2018—KB4058258 OS Build 16299.214 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue that causes Hyper-V VMs that are replicated using Hyper-V Replica or Azure Sit...