43 matches found
Astra Linux - уязвимость в ffmpeg
In FFmpeg versions prior to 5.1.2, the libavcodec/pthreadframe.c file, used in VLC and other products, leaves stale hwaccel state in worker threads. This allows attackers to trigger a use-after-free and execute arbitrary code under certain circumstances e.g., during hardware reinitialization upon...
EUVD-2015-2824
Malware in sbrugna...
EUVD-2015-2827
Malware in sbrugna...
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).
...
OESA-2024-1875 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: An integer overflow...
August 22, 2023—KB5029332 (OS Build 22000.2360) Preview
August 22, 2023—KB5029332 OS Build 22000.2360 Preview 8/8/23 IMPORTANT After September 26, 2023, there will no longer be optional, non-security preview releases for Windows 11, version 21H2. Only cumulative monthly security updates will continue for the supported versions of Windows 11, version...
libsdl2: Multiple Vulnerabilities
Background Simple DirectMedia Layer is a cross-platform development library designed to provide low level access to audio, keyboard, mouse, joystick, and graphics hardware via OpenGL and Direct3D. Description Multiple vulnerabilities have been discovered in libsdl2. Please review the CVE...
SUSE CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
DEBIAN-CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
SUSE CVE-2015-2737
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...
SUSE CVE-2015-7180
The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other...
SUSE CVE-2017-7845
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects...
November 22, 2022—KB5020032 (OS Build 20348.1311) Preview
November 22, 2022—KB5020032 OS Build 20348.1311 Preview NEW 12/22/22 IMPORTANT After November 22, 2022, there are no more optional, non-security preview releases for Windows Server 2022. Only cumulative monthly security updates known as the "B" or Update Tuesday release will continue for Windows...
February 9, 2021—KB4601315 (OS Build 18363.1377) - EXPIRED
February 9, 2021—KB4601315 OS Build 18363.1377 - EXPIRED NEW 8/5/21 EXPIRATION NOTICEIMPORTANT As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality...
Google Fixes High-Severity Chrome Browser Code Execution Bug
The Google Chrome web browser has a high-severity vulnerability that could be used to execute arbitrary code, researchers say. The flaw has been fixed in the Chrome 85 stable channel, set to be rolled out to users this week. The flaw CVE-2020-6492 is a use-after-free vulnerability in the WebGL We...
Google Chrome WebGL code execution vulnerability
Summary A use-after-free read vulnerability exists in Google Chrome 81.0.4044.138 Stable, 84.0.4136.5 Dev and 84.0.4143.7 Canary, when a WebGL component fails to properly handle objects in memory. Successful exploitation of this vulnerability can lead to arbitrary code execution in the context of...
Streaming issues that are related to Microsoft Media Foundation in Windows 7
Streaming issues that are related to Microsoft Media Foundation in Windows 7 Symptoms A hotfix is available for Microsoft Media Foundation in Windows 7. This hotfix resolves the following streaming issues that relate to Media Foundation: Issue 1 You cannot stream some audio files to multiple...
An application that uses Direct2D or Direct3D may crash in Windows 7 or in Windows Server 2008 R2
An application that uses Direct2D or Direct3D may crash in Windows 7 or in Windows Server 2008 R2 Symptoms Consider the following scenario: You are using a Windows 7 or Windows Server 2008 R2-based computer You are running application that uses Internet Explorer or Internet Explorer components to...
CVE-2017-7845
A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. This is due to an incorrect value being passed within the library during checks and results in a potentially exploitable crash. Note: This attack only affects...