3 matches found
CVE-2025-69771
CVE-2025-69771 is a Cross-Site Scripting (XSS) vulnerability in the subtitle loading function of the asbplayer Chrome Extension (version 1.14.0). The issue allows an attacker to host a crafted .srt subtitle file that executes arbitrary JavaScript in the active streaming platform’s context, bypass...
CVE-2025-47808
A flaw was found in gstreamer1-plugins-base. The subparse plugin's tmplayerparseline function incorrectly attempts to dereference a NULL pointer during subtitle file parsing. This flaw allows a local attacker to provide a specially crafted subtitle file, causing the program to crash. Mitigation...
The vulnerability of the ParseSSA function in the modules/demux/subtitle.c file of the Media Player software VideoLAN VLC allows a hacker to execute arbitrary code.
The vulnerability of the ParseSSA function in the modules/demux/subtitle.c file of the Media Player software VideoLAN VLC is related to buffer overflow in the dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially crafted .ssa extension...