Lucene search
K

11 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.6 views

SUSE CVE-2018-6360

mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdlhook.lua. For example, an av://lavfi:ladspa=file= UR...

8.8CVSS7.6AI score0.02642EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.14 views

Mageia: Security Advisory (MGASA-2018-0130)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.02642EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/02/20 12:0 a.m.30 views

openSUSE Security Update : mpv (openSUSE-2018-173)

This update for mpv fixes the following issues : MPV was updated to version 0.27.2 Security issues fixed : - CVE-2018-6360: Additional fix for where mpv allowed remote attackers to execute arbitrary code via a crafted website, because it read HTML documents containing VIDEO elements, and accepts...

8.8CVSS8.3AI score0.02642EPSS
Exploits1References3
ArchLinux
ArchLinux
added 2018/02/13 12:0 a.m.24 views

[ASA-201802-7] mpv: arbitrary code execution

Arch Linux Security Advisory ASA-201802-7 ========================================= Severity: High Date : 2018-02-13 CVE-ID : CVE-2018-6360 Package : mpv Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-605 Summary ======= The package mpv before version...

8.8CVSS1.8AI score0.02642EPSS
Exploits1References5
Debian
Debian
added 2018/02/09 12:17 a.m.25 views

[SECURITY] [DSA 4105-2] mpv security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4105-2 [email protected] https://www.debian.org/security/ February 08, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------...

8.8CVSS8.9AI score0.02642EPSS
Exploits1
Debian
Debian
added 2018/02/09 12:17 a.m.24 views

[SECURITY] [DSA 4105-2] mpv security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4105-2 [email protected] https://www.debian.org/security/ February 08, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------...

6.8CVSS1.6AI score0.02642EPSS
Exploits1
Debian
Debian
added 2018/02/07 2:49 a.m.17 views

[SECURITY] [DSA 4105-1] mpv security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4105-1 [email protected] https://www.debian.org/security/ February 06, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------...

6.8CVSS1.5AI score0.02642EPSS
Exploits1
Debian
Debian
added 2018/02/07 2:49 a.m.41 views

[SECURITY] [DSA 4105-1] mpv security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4105-1 [email protected] https://www.debian.org/security/ February 06, 2018 https://www.debian.org/security/faq - -------------------------------------------------------------------------...

8.8CVSS8.9AI score0.02642EPSS
Exploits1
OSV
OSV
added 2018/01/28 2:29 a.m.23 views

CVE-2018-6360

mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdlhook.lua. For example, an av://lavfi:ladspa=file= UR...

8.8CVSS7.8AI score
Exploits0References4
NVD
NVD
added 2018/01/28 2:29 a.m.16 views

CVE-2018-6360

mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdlhook.lua. For example, an av://lavfi:ladspa=file= UR...

8.8CVSS8.7AI score0.02642EPSS
Exploits1References4
CVE
CVE
added 2018/01/28 2:0 a.m.346 views

CVE-2018-6360

mpv = 0.27.1, Mageia citing 0.27.2+, and Alpine noting vulnerability up to 0.28.0). If exploitation details are not provided in a document, they are not assumed; rely on the stated fixes.

8.8CVSS8.6AI score0.02642EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder