964 matches found
PT-2026-57709
Name of the Vulnerable Software and Affected Versions Real Estate Manager Pro versions prior to 12.8.4 Description Improper neutralization of input during web page generation allows for Reflected Cross-site Scripting XSS, a flaw where an application includes untrusted data in a web page without...
OESA-2026-2867 aom security update
The Alliance for Open Media’s focus is to deliver a next-generation video format that is: Security Fixes: An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows ...
OESA-2026-2866 aom security update
The Alliance for Open Media’s focus is to deliver a next-generation video format that is: Security Fixes: An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows ...
OESA-2026-2864 aom security update
The Alliance for Open Media’s focus is to deliver a next-generation video format that is: Security Fixes: An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows ...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, division by zero occurred in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign was 0, resulting in a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize, where blocksize =...
EUVD-2026-38606
A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...
SUSE CVE-2026-56209
An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows an attacker to inject an arbitrary pointer into the cyclic refresh map field via crafted image pixel value...
SUSE CVE-2026-56210
A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...
SUSE CVE-2026-56211
A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...
PT-2026-51590
Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-bad affected versions not specified Description A flaw in the gst-plugins-bad package occurs when processing a specially crafted H.264 video file containing malformed Multiview Video Coding MVC or Scalable Video Coding SV...
Linux Distros Unpatched Vulnerability : CVE-2026-56209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding...
Linux Distros Unpatched Vulnerability : CVE-2026-56211
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC...
CVE-2026-56209
An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows an attacker to inject an arbitrary pointer into the cyclic refresh map field via crafted image pixel value...
CVE-2026-56210
A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...
CVE-2026-56211
A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...
CVE-2026-56211 Libaom: libaom: remote code execution via svc layer context handling with attacker-controlled frames
A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...
CVE-2026-56210 Libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id
A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...
EUVD-2026-38047
A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...
EUVD-2026-38046
A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...
CVE-2026-56211
CVE-2026-56211 concerns libaom, the reference AV1 codec. The vulnerability stems from insufficient bounds validation in the AV1 encoder’s SVC layer ID control, enabling an attacker-provided frame to overlap internal encoder layer context structures. In fork-based video processing services, this c...