Lucene search
K

6 matches found

EUVD
EUVD
added 2026/02/25 6:31 p.m.12 views

EUVD-2025-208115

An arbitrary file upload vulnerability in the subtitle loading function of asbplayer v1.13.0 allows attackers to execute arbitrary code via uploading a crafted subtitle file...

6AI score0.00323EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/25 12:0 a.m.3 views

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

6.1AI score0.00323EPSS
Exploits0References2
CVE
CVE
added 2026/02/25 12:0 a.m.11 views

CVE-2025-69771

CVE-2025-69771 is a Cross-Site Scripting (XSS) vulnerability in the subtitle loading function of the asbplayer Chrome Extension (version 1.14.0). The issue allows an attacker to host a crafted .srt subtitle file that executes arbitrary JavaScript in the active streaming platform’s context, bypass...

9.6CVSS6.1AI score0.00323EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/08 11:35 a.m.3 views

CVE-2025-47808

A flaw was found in gstreamer1-plugins-base. The subparse plugin's tmplayerparseline function incorrectly attempts to dereference a NULL pointer during subtitle file parsing. This flaw allows a local attacker to provide a specially crafted subtitle file, causing the program to crash. Mitigation...

5.6CVSS5.7AI score0.00459EPSS
Exploits1References5
OSV
OSV
added 2023/07/31 12:0 a.m.1 views

UBUNTU-CVE-2023-37329

GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may va...

8.8CVSS7.8AI score0.01643EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2019/11/11 12:0 a.m.6 views

The vulnerability of the ParseSSA function in the modules/demux/subtitle.c file of the Media Player software VideoLAN VLC allows a hacker to execute arbitrary code.

The vulnerability of the ParseSSA function in the modules/demux/subtitle.c file of the Media Player software VideoLAN VLC is related to buffer overflow in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted .ssa extension...

6.8CVSS6.4AI score0.11778EPSS
Exploits1References10Affected Software2
Rows per page
Query Builder