PT-2026-47173

$1,000 of compute found 21 zero-days in FFmpeg. An autonomous agent called depthfirst scanned roughly 1.5 million lines of C, then wrote a reproducible proof-of-concept for every bug it reported. The shift is that second half. Not a list of suspicious lines for a human to chase, but 21 crashing...

Astra Linux - уязвимость в ffmpeg5

A flaw was discovered in FFmpeg’s HLS demuxer. This vulnerability allows bypassing checks for unsafe file extensions and triggering arbitrary demuxers using base64-encoded data URIs, along with specific file extensions...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gstreamer-plugins-ugly (SUSE-SU-2026:0998-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0998-1 advisory. - CVE-2026-2920: GStreamer ASF Demuxer Heap-based Buffer Overflow Remote Code Execution...

JLSEC-2025-146 A flaw was found in FFmpeg's HLS demuxer

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions...

Linux Distros Unpatched Vulnerability : CVE-2019-15232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession,...

CVE-2023-6601

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions...

DEBIAN-CVE-2023-6601

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions...

CVE-2023-6601

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions...

UBUNTU-CVE-2023-6601

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions...

CVE-2023-6601 Ffmpeg: hls unsafe file extension bypass in ffmpeg

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions...

CVE-2023-6601

CVE-2023-6601 is a vulnerability in FFmpeg’s HLS demuxer that enables bypassing unsafe file extension checks and triggering arbitrary demuxers via base64 data URIs with specific extensions. Public details in the provided connected advisories attribute the issue to FFmpeg and acknowledge fixes in ...

CVE-2023-6601 Ffmpeg: hls unsafe file extension bypass in ffmpeg

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions...

openSUSE: Security Advisory for vlc (openSUSE-SU-2023:0365-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2023-6601

A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions...

OPENSUSE-SU-2023:0365-1 Security update for vlc

This update for vlc fixes the following issues: Update to version 3.0.20: + Video Output: - Fix green line in fullscreen in D3D11 video output - Fix crash with some AMD drivers old versions - Fix events propagation issue when double-clicking with mouse wheel + Decoders: - Fix crash when AV1...

Debian: Security Advisory (DSA-5445-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5445-1] gst-plugins-good1.0 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5445-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 02, 2023 https://www.debian.org/security/faq -...

SUSE CVE-2008-5246

Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote attackers to execute arbitrary code via vectors that send ID3 data to the 1 id3v22interpframe and 2 id3v24interpframe functions in src/demuxers/id3.c. NOTE: the provenance of this information is unknown; the details are...

[SECURITY] [DLA 1907-1] libav security update

Package : libav Version : 6:11.12-1deb8u8 CVE ID : CVE-2017-9987 CVE-2018-5766 CVE-2018-11102 CVE-2019-14372 CVE-2019-14442 Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library. CVE-2017-9987 In Libav, there was a heap-based buffer overflow...

CVE-2019-15232

Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors...