86 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-0476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability in AOSP Messaging could enable an attacker using a specially crafted file to cause memory corruption during media file and...
Linux Distros Unpatched Vulnerability : CVE-2016-6701
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution vulnerability in libskia in Android 7.0 before 2016-11-01 could enable an attacker using a specially crafted file to cause memory...
CVE-2025-43221
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, visionOS 2.6, tvOS 18.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory...
CVE-2025-49126
Visionatrix is an AI Media processing tool using ComfyUI. In versions 1.5.0 to before 2.5.1, the /docs/flows endpoint is vulnerable to a Reflected XSS Cross-Site Scripting attack allowing full takeover of the application and exfiltration of secrets stored in the application. The implementation us...
CVE-2022-50182
In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Align upwards buffer size The hardware can support any image size WxH, with arbitrary W image width and H image height dimensions. Align upwards buffer size for both encoder and decoder. and leave the picture...
CVE-2023-46928
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gfmediachangepl /afltest/gpac/src/mediatools/isomtools.c:3293:42...
CLSA-2025-1742469561 kernel: Fix of 19 CVEs
net: defer final 'struct net' free in netns dismantle CVE-2024-56658 - smb: client: fix potential deadlock when releasing mids CVE-2023-52757 - tcp/dccp: Don't use timerpending in reqskqueueunlink. CVE-2024-50154 - ALSA: 6fire: Release resources at card release CVE-2024-53239 - smb: client: fix...
SUSE-SU-2025:0643-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes bsc1227320. - CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist...
SUSE-SU-2025:0650-1 Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-150600105 fixes one issue. The following security issue was fixed: - CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783...
[SECURITY] Fedora 40 Update: mingw-gstreamer1-plugins-base-1.24.10-1.fc40
GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...
[SECURITY] Fedora 40 Update: mingw-gstreamer1-1.24.10-1.fc40
GStreamer is a streaming-media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plug-in-based architecture means that new data types...
[SECURITY] Fedora 41 Update: mingw-gstreamer1-1.24.10-1.fc41
GStreamer is a streaming-media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plug-in-based architecture means that new data types...
[SECURITY] Fedora 41 Update: mingw-gstreamer1-plugins-base-1.24.10-1.fc41
GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...
[SECURITY] Fedora 41 Update: mingw-gstreamer1-plugins-good-1.24.10-1.fc41
GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types ...
BIT-MASTODON-2023-36460 Mastodon vulnerable to arbitrary file creation through media attachments
Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, attackers using carefully crafted media files can cause Mastodon's media processing code to create arbitrary files at any location. This allows...
"TootRoot" Mastodon vulnerabilities fixed: Admins, patch now!
One of Twitters big rivals, Mastodon, recently finished fixing four issues which in the worst case allowed for the creation of files on the instances server. Mastodon, whose main selling point is lots of separate communities living on different servers yet still able to communicate, was notified ...
Design/Logic Flaw
Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, attackers using carefully crafted media files can cause Mastodon's media processing code to create arbitrary files at any location. This allows...
CVE-2023-36460 Mastodon vulnerable to arbitrary file creation through media attachments
Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, attackers using carefully crafted media files can cause Mastodon's media processing code to create arbitrary files at any location. This allows...
PT-2023-8743 · Mastodon · Mastodon
Name of the Vulnerable Software and Affected Versions: Mastodon versions 3.5.0 through 3.5.8 Mastodon versions 4.0.0 through 4.0.4 Mastodon versions 4.1.0 through 4.1.2 Description: The issue arises from a flaw in the media processing code, allowing attackers to create arbitrary files at any...
GSD-2023-1000939 media: s5p-mfc: Clear workbit to handle error condition
media: s5p-mfc: Clear workbit to handle error condition This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...