3142 matches found
CVE-2025-3887
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
CVE-2025-3887 GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
CVE-2025-3887
CVE-2025-3887 affects the GStreamer Gst-plugins-bad1.0 H.265 codec parser. The flaw is a stack-based buffer overflow caused by insufficient validation of user-supplied data length before copying to a fixed-length buffer in the H.265 slice header parsing. This can lead to remote code execution in ...
CVE-2025-3887 GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
CVE-2025-3887
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
SUSE CVE-2025-37941
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937xsoccodecprobe When sndsocdapmnewcontrols or sndsocdapmaddroutes fails, wcd937xsoccodecprobe returns without releasing 'wcd937x-clshinfo', which is allocated by...
Apple macOS acv2 Codec Converter Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the acv2 codec...
CVE-2025-37941
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937xsoccodecprobe When sndsocdapmnewcontrols or sndsocdapmaddroutes fails, wcd937xsoccodecprobe returns without releasing 'wcd937x-clshinfo', which is allocated by...
DEBIAN-CVE-2025-37941
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937xsoccodecprobe When sndsocdapmnewcontrols or sndsocdapmaddroutes fails, wcd937xsoccodecprobe returns without releasing 'wcd937x-clshinfo', which is allocated by...
UBUNTU-CVE-2025-37941
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937xsoccodecprobe When sndsocdapmnewcontrols or sndsocdapmaddroutes fails, wcd937xsoccodecprobe returns without releasing 'wcd937x-clshinfo', which is allocated by...
CVE-2025-37941
CVE-2025-37941 affects the Linux kernel ASoC: codecs/wcd937x. The issue is a potential memory leak in wcd937x_soc_codec_probe() when snd_soc_dapm_new_controls() or snd_soc_dapm_add_routes() fail, because the allocated wcd937x->clsh_info is not released. The root cause is missing cleanup in err...
CVE-2025-37941 ASoC: codecs: wcd937x: fix a potential memory leak in wcd937x_soc_codec_probe()
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937xsoccodecprobe When sndsocdapmnewcontrols or sndsocdapmaddroutes fails, wcd937xsoccodecprobe returns without releasing 'wcd937x-clshinfo', which is allocated by...
CVE-2025-37889
In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Consistently treat platformmax as control value This reverts commit 9bdd10d57a88 "ASoC: ops: Shift tested values in sndsocputvolsw by +min", and makes some additional related updates. There are two ways the platformmax...
SUSE CVE-2025-3887
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...
CVE-2025-27241 multimedia_av_codec has a NULL pointer dereference vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference...
Malicious code in windows-api-codec-pack (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92245ebaf3540c628e01a2ec1741659ca0285f765539581481af03e857d4d31f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-23157
In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecscount can get incremented to...
The vulnerability of the oc_huff_tree_unpack function in Theora video codecs, which allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the ochufftreeunpack function in Theora video encoding involves an unacceptable left shift operation. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Huawei HarmonyOS Buffer Overflow Vulnerability
Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a buffer overflow vulnerability, which originates in the codec module, that can be exploited by an attacker to affect availability...
PT-2025-29019
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.14.0-rc4-next-20250226+ and earlier Description: A flaw exists in the Linux kernel related to the ASoC Audio Subsystem on Chip component, specifically within the MediaTek mt8195 driver. The issue arises when ETDM1/2...