6 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-5673
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libtheora. This heap-based out-of-bounds read vulnerability exists within the AVI Audio Video Interleave parser, specifically in the...
TencentOS Server 2: nginx (TSSA-2025:0525)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0525 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
nginx: Memory disclosure in the ngx_http_mp4_module
A vulnerability was found in NGINX’s module, ngxhttpmp4module. This flaw allows a local attacker to cause a worker process crash or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products built with ngxhttpmp4module...
ALPINE-CVE-2022-41742
NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttpmp4module that might allow a local attacker to cause a worker process crash, or might...
Ffmpeg 'decode_plane' function denial of service vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'decodeplane' function in the libavcodec/utvideodec.c file in FFmpeg 3.4.2 and earlier versions. A remote attacker can exploit this vulnerability to...
UBUNTU-CVE-2016-7905
The readgab2sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service NULL pointer used via a crafted AVI file...