3142 matches found
libvpx: Double-free in libvpx encoder
A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...
Towards Generalized Source Tracing for Codec-Based Deepfake Speech
Recent attempts at source tracing for codec-based deepfake speech CodecFake, generated by neural audio codec-based speech generation CoSG models, have exhibited suboptimal performance. However, how to train source tracing models using simulated CoSG data while maintaining strong performance on re...
[SECURITY] Fedora 41 Update: libvpx-1.15.0-3.fc41
libvpx provides the VP8/VP9 SDK, which allows you to integrate your applicati ons with the VP8 and VP9 video codecs, high quality, royalty free, open source co decs deployed on millions of computers and devices worldwide...
[SECURITY] Fedora 42 Update: libvpx-1.15.0-3.fc42
libvpx provides the VP8/VP9 SDK, which allows you to integrate your applicati ons with the VP8 and VP9 video codecs, high quality, royalty free, open source co decs deployed on millions of computers and devices worldwide...
Ubuntu: Security Advisory (USN-7558-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
libvpx: Double-free in libvpx encoder
A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...
Samsung S24 VC1 Decoder Out-Of-Bounds Write
There is an out-of-bounds write to a heap buffer in the Samsung S24 VC1 decoder. The function svc1drrfrm can write outside of the allocated frame buffers in several locations due to incorrect calculations of buffer offsets...
Security Bulletin: IBM Maximo Application Suite - IoT Component uses commons-codec-1.11.jar, okio-jvm-3.0.0.jar, jetty-http-10.0.24.jar and jetty-server-10.0.24.jar which is vulnerable to CVE-2020-8908, CVE-2023-2976, CVE-2024-6763, CVE-2023-3635
Summary IBM Maximo Application Suite - IoT Component uses commons-codec-1.11.jar, okio-jvm-3.0.0.jar, jetty-http-10.0.24.jar and jetty-server-10.0.24.jar which is vulnerable to CVE-2020-8908, CVE-2023-2976, CVE-2024-6763, CVE-2023-3635. This bulletin contains information regarding the vulnerabili...
SUSE SLED15 / SLES15 Security Update : gstreamer-plugins-bad (SUSE-SU-2025:01737-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:01737-1 advisory. - CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809. Tenable has...
CVE-2025-5262
A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 139 and Thunderbird 128.11...
Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:01737-1 Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: - CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809...
SUSE-SU-2025:01729-1 Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: - CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809...
Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
UBUNTU-CVE-2025-5262
A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 139 and Thunderbird 128.11...
SUSE-SU-2025:01717-1 Security update for gstreamer-plugins-bad
This update for gstreamer-plugins-bad fixes the following issues: - CVE-2025-3887: Fixed possible RCE vulnerability via buffer overflow in H265 Codec Parsing bsc1242809...
CVE-2025-5262
CVE-2025-5262: A double-free in vpx_codec_enc_init_multi after a failed allocation during WebRTC encoder initialization can cause memory corruption and a potentially exploitable crash. Affected: Thunderbird < 139 and Thunderbird
gstreamer1-plugins-bad-free: mingw-gstreamer1-plugins-bad-free: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
A flaw was found in GStreamer H265 Codec Parsing gstreamer1-plugins-bad-free. This vulnerability allows remote attackers to execute arbitrary code by parsing H265 slice headers...
gstreamer1-plugins-bad-free: mingw-gstreamer1-plugins-bad-free: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
A flaw was found in GStreamer H265 Codec Parsing gstreamer1-plugins-bad-free. This vulnerability allows remote attackers to execute arbitrary code by parsing H265 slice headers...
Important: Red Hat Security Advisory: gstreamer1-plugins-bad-free security update
An update for gstreamer1-plugins-bad-free is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...