CVE-2026-43182 media: ccs: Avoid possible division by zero

In the Linux kernel, the following vulnerability has been resolved: media: ccs: Avoid possible division by zero Calculating maximum M for scaler configuration involves dividing by MINXOUTPUTSIZE limit register's value. Albeit the value is presumably non-zero, the driver was missing the check it i...

Founder Electronics Enjoys All-Media Acquisition and Editing System 注入漏洞

Founder Electronics Enjoys All-Media Acquisition and Editing System is an all-media acquisition and editing system from China's Founder Electronics. An injection vulnerability exists in Founder Electronics Enjoys All-Media Acquisition and Editing System version 3.0, which stems from an incorrect...

Founder Electronics Enjoys All-Media Acquisition and Editing System 代码问题漏洞

Founder Electronics Enjoys All-Media Acquisition and Editing System is an all-media acquisition and editing system from Founder Electronics, a Chinese company. A code issue vulnerability exists in Founder Electronics Enjoys All-Media Acquisition and Editing System version 3.0, which stems from an...

SQL Injection Vulnerability in Founder Unlimited Media News Editorial System of Beijing Beifang Founder Electronics Co.

Beijing Beifang Founder Electronics Co., Ltd. is a leading technology and service provider in the fields of printing, media, publishing, and font libraries. A SQL injection vulnerability exists in Beijing Founder Electronics Co., Ltd.'s Founder Unlimited All-Media News Gathering and Editing Syste...

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, which allows attackers to execute XSS attacks.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website’s structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks...

SQL Injection Vulnerability in Founder Unbridled All-Media News Gathering and Editing System of Beijing Beifang Founder Electronics Co. Ltd (CNVD-2024-40569)

Beijing Founder Electronics Co., Ltd. is a leading provider of technology, products and services in the field of cross-media information communication. A SQL injection vulnerability exists in the Founder Unlimited Media News Collection System of Beijing Founder Electronics Co., Ltd, which can be...

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to carry out cross-site scripting attacks...

The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability could allow a malicious actor to carry out cross-site scripting attacks...

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of the Adobe Experience Manager AEM content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform DOM-based XSS attacks remotely...

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to carry out cross-site scripting attacks.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of Adobe Experience Manager’s content and media data management system, which stems from the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of Adobe Experience Manager’s content and media data management system exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

CVE-2023-49096

Jellyfin is a Free Software Media System for managing and streaming media. In affected versions there is an argument injection in the VideosController, specifically the /Videos//stream and /Videos//stream. endpoints which are present in the current Jellyfin version. Additional endpoints in the...

Design/Logic Flaw

Jellyfin is a Free Software Media System for managing and streaming media. In affected versions there is an argument injection in the VideosController, specifically the /Videos//stream and /Videos//stream. endpoints which are present in the current Jellyfin version. Additional endpoints in the...

CVE-2023-49096

Jellyfin (CVE-2023-49096) is vulnerable to argument injection in FFmpeg via the Videos//stream and Videos//stream. endpoints (and related AudioController endpoints). An unauthenticated attacker can attempt to inject extra FFmpeg arguments by abusing query parameters such as videoCodec and audioCo...

CVE-2023-49096 Argument Injection in FFmpeg codec parameters in Jellyfin

Jellyfin is a Free Software Media System for managing and streaming media. In affected versions there is an argument injection in the VideosController, specifically the /Videos//stream and /Videos//stream. endpoints which are present in the current Jellyfin version. Additional endpoints in the...

CVE-2023-30626

Jellyfin is a free-software media system. Versions starting with 10.8.0 and prior to 10.8.10 and prior have a directory traversal vulnerability inside the ClientLogController, specifically /ClientLog/Document. When combined with a cross-site scripting vulnerability CVE-2023-30627, this can result...

Directory traversal

Jellyfin is a free-software media system. Versions starting with 10.8.0 and prior to 10.8.10 and prior have a directory traversal vulnerability inside the ClientLogController, specifically /ClientLog/Document. When combined with a cross-site scripting vulnerability CVE-2023-30627, this can result...

CVE-2023-30626 Jellyfin vulnerable to directory traversal and file write causing arbitrary code execution

Jellyfin is a free-software media system. Versions starting with 10.8.0 and prior to 10.8.10 and prior have a directory traversal vulnerability inside the ClientLogController, specifically /ClientLog/Document. When combined with a cross-site scripting vulnerability CVE-2023-30627, this can result...

CVE-2023-30626

Jellyfin 10.8.x prior to 10.8.10 is affected by a directory traversal vulnerability in the ClientLogController (/ClientLog/Document). The issue can be combined with a stored XSS in jellyfin-web (CVE-2023-30627) to enable file write and potential remote code execution, with exploitation tied to cl...

CVE-2023-30626 Jellyfin vulnerable to directory traversal and file write causing arbitrary code execution

Jellyfin is a free-software media system. Versions starting with 10.8.0 and prior to 10.8.10 and prior have a directory traversal vulnerability inside the ClientLogController, specifically /ClientLog/Document. When combined with a cross-site scripting vulnerability CVE-2023-30627, this can result...