18 matches found
EUVD-2026-38607
A flaw was found in GStreamer's gst-plugins-bad package. When processing a specially crafted H.264 video file containing malformed MVC or SVC extension slice NAL units, a 1-byte heap out-of-bounds read can occur during parsing. This happens when the parser attempts to check slice boundary...
EUVD-2022-49483
Malicious code in bioql PyPI...
CVE-2025-43349
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 26, watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Sequoia 15.7, visionOS 26, iOS 18.7 and iPadOS 18.7. Processing a maliciously crafted video file may lead to unexpected app...
CVE-2025-43349
CVE-2025-43349 describes an out-of-bounds write in media processing that may cause an app to terminate when handling a malicious video file. The Apple security content lists affected components (e.g., CoreMedia and CoreAudio entries) and notes that the issue is fixed by updating to newer OS relea...
CVE-2024-44232
The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, macOS Sonoma 14.7.1, macOS Ventura 13.7.1, tvOS 18.1, visionOS 2.1, watchOS 11.1. Parsing a maliciously crafted video file may lead to unexpected...
CVE-2025-24190
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing a maliciously crafted video file may lead to unexpected app...
Apple多款产品 安全漏洞
Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple macOS is a proprietary operating system developed for Mac computers. A security vulnerability exists in multiple Apple products that originates from an improper boundary check, where...
PT-2024-31060 · Apple · Ipados +5
Name of the Vulnerable Software and Affected Versions: macOS Sonoma versions prior to 14.7.1 macOS Ventura versions prior to 13.7.1 visionOS versions prior to 2.1 watchOS versions prior to 11.1 tvOS versions prior to 18.1 iOS versions prior to 17.7.1 and prior to 18.1 iPadOS versions prior to...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS version 15, which stems from the fact that processing a maliciously crafted video file may cause the application to terminate...
CVE-2024-40846
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7. Processing a maliciously crafted video file may lead to unexpected app termination...
PT-2023-7372 · Adobe · Premiere Pro
Name of the Vulnerable Software and Affected Versions: Adobe Premiere Pro versions 24.0 and earlier Adobe Premiere Pro versions 23.6 and earlier Description: The issue is related to an Access of Uninitialized Pointer, which could lead to disclosure of sensitive memory. An attacker could leverage...
SUSE CVE-2022-2566
A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in buildopengopkeypoints goes through all entries in the loop and adds sc-cttsdatai.count to sc-sampleoffsetscount. This can lead to an integer overflow resulting in a small allocation with avcalloc. An...
CVE-2022-42846
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2. Parsing a maliciously crafted video file may lead to unexpected system termination...
Denial Of Service (DoS)
libde265.so is vulnerable to Denial Of Service DoS. The vulnerability exists due to a heap-buffer-overflow in the putunweightedpred16fallback function in fallback-motion.cc, which allows a remote attacker to crash the application via a malicious video file...
Denial Of Service (DoS)
libde265.so is vulnerable to denial of service. The vulnerability exists due to heap-buffer-overflow in the ffhevcputweightedpredavg8sse function in sse-motion.cc, which allows a remote attacker to crash the application via a malicious video file...
Denial Of Service (DoS)
FFmpeg is vulnerable to denial of service. An attacker is able to hog the CPU via a malicious video file in Matroska format as the handleopenbrace function in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
VLC Media Player Allows Desktop Takeover Via Malicious Video Files
Two high-risk vulnerabilities in the VLC media player could allow an adversary to craft a malicious .MKV video file that could be used in an attack to gain control of the victim’s PC. The flaws were made public Monday by the developer of the open-source VLC media player, VideoLAN project, who als...
Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must visit a malicious page or open a malicious video file. The specific flaw exists within the parsing of the length records of...