6 matches found
EUVD-2025-208115
An arbitrary file upload vulnerability in the subtitle loading function of asbplayer v1.13.0 allows attackers to execute arbitrary code via uploading a crafted subtitle file...
CVE-2025-69771
Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...
CVE-2025-69771
CVE-2025-69771 is a Cross-Site Scripting (XSS) vulnerability in the subtitle loading function of the asbplayer Chrome Extension (version 1.14.0). The issue allows an attacker to host a crafted .srt subtitle file that executes arbitrary JavaScript in the active streaming platform’s context, bypass...
CVE-2025-47808
A flaw was found in gstreamer1-plugins-base. The subparse plugin's tmplayerparseline function incorrectly attempts to dereference a NULL pointer during subtitle file parsing. This flaw allows a local attacker to provide a specially crafted subtitle file, causing the program to crash. Mitigation...
UBUNTU-CVE-2023-37329
GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may va...
The vulnerability of the ParseSSA function in the modules/demux/subtitle.c file of the Media Player software VideoLAN VLC allows a hacker to execute arbitrary code.
The vulnerability of the ParseSSA function in the modules/demux/subtitle.c file of the Media Player software VideoLAN VLC is related to buffer overflow in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted .ssa extension...