66 matches found
Huawei HarmonyOS audio codec module out-of-bounds access vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An out-of-bounds access vulnerability exists in the Huawei HarmonyOS audio codec module, which can be exploited by an attacker to cause a usability impact...
CVE-2025-54610
Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2025-54650
Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function...
CVE-2025-54650
Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function...
CVE-2025-54610
Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2025-54609
Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2025-32016
Name of the Vulnerable Software and Affected Versions: versions affected versions not specified Description: An out-of-bounds access issue exists in the audio codec module. Successful exploitation of this issue may affect system availability. Recommendations: At the moment, there is no informatio...
CVE-2025-21006
Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory...
CVE-2025-6663
GStreamer H266 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
CVE-2022-50018
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Double-free in libvpx encoder CVE-2025-5283 For more details about the security issues, including the impac...
CVE-2025-2474
Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec...
Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free security update
An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution...
CVE-2020-35902
An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed...
CVE-2019-9247
In AAC Codec, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120426166...
CVE-2011-4246
The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors...
CVE-2011-4252
The RV10 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code via a crafted sample height...
USN-7397-1: AOM vulnerability
Xiantong Hou discovered that AOM did not properly handle certain malformed media files. If an application using AOM opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...
cisco -- OpenH264 Decoding Functions Heap Overflow Vulnerability
Cisco reports: A vulnerability in the decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability is due to a race condition between a Sequence Parameter Set SPS memory allocation and a subsequent non Instantaneous...