Lucene search
K

964 matches found

Positive Technologies
Positive Technologies
added yesterday8 views

PT-2026-57709

Name of the Vulnerable Software and Affected Versions Real Estate Manager Pro versions prior to 12.8.4 Description Improper neutralization of input during web page generation allows for Reflected Cross-site Scripting XSS, a flaw where an application includes untrusted data in a web page without...

7.1CVSS6.2AI score0.00251EPSS
Exploits0References3
OSV
OSV
added 2026/07/06 6:29 a.m.4 views

OESA-2026-2867 aom security update

The Alliance for Open Media’s focus is to deliver a next-generation video format that is: Security Fixes: An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows ...

7.1CVSS6.7AI score0.00414EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 6:29 a.m.5 views

OESA-2026-2866 aom security update

The Alliance for Open Media’s focus is to deliver a next-generation video format that is: Security Fixes: An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows ...

7.1CVSS6.7AI score0.00414EPSS
Exploits0References4
OSV
OSV
added 2026/07/06 6:29 a.m.5 views

OESA-2026-2864 aom security update

The Alliance for Open Media’s focus is to deliver a next-generation video format that is: Security Fixes: An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows ...

7.1CVSS6.7AI score0.00414EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.7 views

Astra Linux – Vulnerability in freerdp3

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, division by zero occurred in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign was 0, resulting in a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize, where blocksize =...

7.5CVSS5.8AI score0.00303EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/23 7:53 p.m.7 views

EUVD-2026-38606

A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...

4.3CVSS5.7AI score0.00276EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/23 2:19 a.m.7 views

SUSE CVE-2026-56209

An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows an attacker to inject an arbitrary pointer into the cyclic refresh map field via crafted image pixel value...

8.1CVSS6AI score0.00272EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/23 2:19 a.m.7 views

SUSE CVE-2026-56210

A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...

7.1CVSS5.8AI score0.00245EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/23 2:19 a.m.6 views

SUSE CVE-2026-56211

A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...

7.5CVSS6.7AI score0.00414EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.10 views

PT-2026-51590

Name of the Vulnerable Software and Affected Versions GStreamer gst-plugins-bad affected versions not specified Description A flaw in the gst-plugins-bad package occurs when processing a specially crafted H.264 video file containing malformed Multiview Video Coding MVC or Scalable Video Coding SV...

4.4CVSS5.8AI score0.00119EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-56209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding...

7.1CVSS6.2AI score0.00272EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-56211

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC...

7.1CVSS6.5AI score0.00414EPSS
Exploits0References4
NVD
NVD
added 2026/06/19 5:16 p.m.11 views

CVE-2026-56209

An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows an attacker to inject an arbitrary pointer into the cyclic refresh map field via crafted image pixel value...

7.1CVSS0.00272EPSS
Exploits0References6
NVD
NVD
added 2026/06/19 5:16 p.m.10 views

CVE-2026-56210

A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...

7.1CVSS0.00245EPSS
Exploits0References6
NVD
NVD
added 2026/06/19 5:16 p.m.15 views

CVE-2026-56211

A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...

7.1CVSS0.00414EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/19 4:28 p.m.5 views

CVE-2026-56211 Libaom: libaom: remote code execution via svc layer context handling with attacker-controlled frames

A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...

7.1CVSS6.7AI score0.00414EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/06/19 4:28 p.m.5 views

CVE-2026-56210 Libaom: libaom: heap-buffer-overflow read via missing bounds check in ctrl_set_layer_id

A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...

7.1CVSS5.8AI score0.00245EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/19 4:28 p.m.7 views

EUVD-2026-38047

A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation. Insufficient bounds validation in the AV1 encoder's SVC Scalable Video Coding layer ID control allows an attacker to supply crafted video frame pixels that overlap with internal encoder layer contex...

7.1CVSS6.7AI score0.00414EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/19 4:28 p.m.7 views

EUVD-2026-38046

A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation. A missing bounds check in the SVC Scalable Video Coding layer ID control function allows setting a spatiallayerid exceeding the configured number of layers. This causes an out-of-bounds heap rea...

7.1CVSS5.8AI score0.00245EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 4:28 p.m.26 views

CVE-2026-56211

CVE-2026-56211 concerns libaom, the reference AV1 codec. The vulnerability stems from insufficient bounds validation in the AV1 encoder’s SVC layer ID control, enabling an attacker-provided frame to overlap internal encoder layer context structures. In fork-based video processing services, this c...

7.1CVSS6.7AI score0.00414EPSS
Exploits0References6
Rows per page
Query Builder