PT-2026-26632

A buffer overflow vulnerability has been reported to affect Media Streaming Add-On. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Media Streaming Add-on 500.1.1 and later...

CVE-2024-56808

A command injection vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following...

CVE-2024-56807

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...

CVE-2024-56807

The CVE-2024-56807 entry concerns an out-of-bounds read in the Media Streaming add-on. Affected component: Media Streaming add-on; vulnerable condition: out-of-bounds read that can be exploited when an attacker gains local network access. Impact: confidentiality and integrity are not affected; av...

CVE-2024-56807 Media Streaming add-on

An out-of-bounds read vulnerability has been reported to affect Media Streaming add-on. If an attacker gains local network access, they can then exploit the vulnerability to obtain secret data. We have already fixed the vulnerability in the following version: Media Streaming add-on 500.1.1.6...

EUVD-2017-16643

Malware in sbrugna...

EUVD-2017-16645

Malware in sbrugna...

EUVD-2020-23759

Malware in sbrugna...

EUVD-2006-1222

Malware in sbrugna...

EUVD-2025-29048

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2024-50175

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: Remove usecount guard in stopstreaming The usecount check was introduced...

Linux Distros Unpatched Vulnerability : CVE-2022-49247

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: stk1160: If start stream fails, return buffers with VB2BUFSTATEQUEUED If the callback 'startstreaming' fails, then all queued buffers in the driver shoul...

CVE-2024-50395 Media Streaming add-on

An authorization bypass through user-controlled key vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow local network attackers to gain privilege. We have already fixed the vulnerability in the following version: Media Streaming add-on...

CVE-2023-47220

The CVE-2023-47220 issue affects the Media Streaming add-on prior to version 500.1.1.5. It describes an OS command injection vulnerability that could allow an authenticated administrator to execute commands over the network. The fixed release is Media Streaming add-on 500.1.1.5 (2024-01-22) and l...

CVE-2023-47222

An exposure of sensitive information vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following version: Media Streaming add-on...

CVE-2023-47222 Media Streaming add-on

An exposure of sensitive information vulnerability has been reported to affect Media Streaming add-on. If exploited, the vulnerability could allow users to compromise the security of the system via a network. We have already fixed the vulnerability in the following version: Media Streaming add-on...

CVE-2023-48702

Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the /System/MediaEncoder/Path endpoint executes an arbitrary file using ProcessStartInfo via the ValidateVersion function. A malicious administrator can setup a network share and supply a UNC path to...

Design/Logic Flaw

Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the /System/MediaEncoder/Path endpoint executes an arbitrary file using ProcessStartInfo via the ValidateVersion function. A malicious administrator can setup a network share and supply a UNC path to...

CVE-2023-48702

Jellyfin prior to 10.8.13 is affected by a Remote Code Execution flaw in the /System/MediaEncoder/Path endpoint. The endpoint can execute an arbitrary file via ProcessStartInfo through ValidateVersion, if a malicious administrator points it to a UNC path on a network share containing an executabl...

CVE-2023-48702 Jellyfin Possible Remote Code Execution via custom FFmpeg binary

Jellyfin is a system for managing and streaming media. Prior to version 10.8.13, the /System/MediaEncoder/Path endpoint executes an arbitrary file using ProcessStartInfo via the ValidateVersion function. A malicious administrator can setup a network share and supply a UNC path to...