Lucene search
K

70 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.1 views

EUVD-2022-6377

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00171EPSS
Exploits0References13
Vulnrichment
Vulnrichment
added 2024/11/14 12:0 a.m.12 views

CVE-2024-41217

A heap-based buffer overflow in tsMuxer version nightly-2024-05-10-02-00-45 allows attackers to cause Denial of Service DoS via a crafted MKV video file...

7.2AI score0.00396EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.2 views

SUSE CVE-2016-2464

libvpx in libwebm in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted mkv file, aka internal bug 23167726...

7.8CVSS7.8AI score0.00254EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/01/10 12:5 p.m.30 views

CVE-2022-36313

A flaw was found in the file-type npm package. A malformed MKV file could lead the file type detector to a denial of Service. This issue allows an attacker to input a malicious file and make the server unresponsive...

5.5CVSS3.7AI score0.00171EPSS
Exploits0References3
Veracode
Veracode
added 2022/07/22 5:15 a.m.33 views

Denial Of Service (DoS)

file-type is vulnerable to denial of service. The vulnerability exists in the FileTypeParser function in core.js due to a lack of input sanitization in the file type detector which allows an attacker to cause an application crash by sending mkv file...

5.5CVSS5.6AI score0.00171EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2022/07/22 12:0 a.m.57 views

file-type vulnerable to Infinite Loop via malformed MKV file

An issue was discovered in the file-type package from 13.0.0 until 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack when...

5.5CVSS5.8AI score0.00171EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2022/07/21 4:15 p.m.31 views

CVE-2022-36313

An issue was discovered in the file-type package before 16.5.4 and 17.x before 17.1.3 for Node.js. A malformed MKV file could cause the file type detector to get caught in an infinite loop. This would make the application become unresponsive and could be used to cause a DoS attack...

5.5CVSS5.4AI score
Exploits0References4
Gentoo Linux
Gentoo Linux
added 2021/01/29 12:0 a.m.79 views

VLC: Buffer overflow

Background VLC is a cross-platform media player and streaming server. Description VLC was found to have a buffer overflow when handling crafted MKV files. Impact A remote attacker could entice a user to open a specially crafted MKV file using VLC possibly resulting in execution of arbitrary code...

7.8CVSS4AI score0.00296EPSS
Exploits1
Prion
Prion
added 2020/09/08 10:15 a.m.17 views

Null pointer dereference

u'Null Pointer exception while playing crafted mkv file as data stream get deleted on secondary invalid configuration' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8098, Bitra, Kamorta, SA6155P, Saipan, SM6150, SM7150, SM8150, SM8250, SXR2130...

4.3CVSS5.8AI score0.00143EPSS
Exploits0References2
CVE
CVE
added 2020/09/08 9:31 a.m.48 views

CVE-2020-11122

CVE-2020-11122 corresponds to a Null Pointer dereference in Snapdragon video handling when decoding a crafted MKV data stream. Affected products include Snapdragon Auto, Snapdragon Consumer IoT, and Snapdragon Mobile (APQ8098, Bitra, Kamorta, SA6155P, Saipan, SM6150, SM7150, SM8150, SM8250, SXR21...

5.5CVSS5.7AI score0.00143EPSS
Exploits0References2Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2020/08/27 12:0 a.m.42 views

Microsoft Windows hevcdecoder_store MKV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of M...

7.8CVSS5.5AI score0.1667EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/07/24 12:0 a.m.30 views

VLC < 2.0.8 Multiple Vulnerabilities

The version of VLC media player installed on the remote Windows host is prior to 2.0.8. It is, therefore, affected by multiple vulnerabilities: - An exploitable denial of service vulnerability exists in plugins/demux/libmkvplugin.dll in VideoLAN VLC Media Player 2.0.7 and possibly other versions...

6.8CVSS6.6AI score0.03905EPSS
Exploits2References4
OSV
OSV
added 2019/08/29 7:15 p.m.19 views

CVE-2019-14970

A vulnerability in mkv::eventthreadt in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file...

7.8CVSS7AI score
Exploits0References8
NVD
NVD
added 2019/08/29 7:15 p.m.15 views

CVE-2019-14970

A vulnerability in mkv::eventthreadt in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file...

7.8CVSS8.6AI score0.00623EPSS
Exploits0References8
Prion
Prion
added 2019/08/29 7:15 p.m.11 views

Heap overflow

A vulnerability in mkv::eventthreadt in VideoLAN VLC media player 3.0.7.1 allows remote attackers to trigger a heap-based buffer overflow via a crafted .mkv file...

6.8CVSS8AI score0.00623EPSS
Exploits0References8Affected Software2
AlpineLinux
AlpineLinux
added 2019/08/29 6:45 p.m.21 views

CVE-2019-14776

A heap-based buffer over-read exists in DemuxInit in demux/asf/asf.c in VideoLAN VLC media player 3.0.7.1 via a crafted .mkv file...

7.8CVSS8.5AI score0.00417EPSS
Exploits0
CVE
CVE
added 2019/06/18 5:53 p.m.280 views

CVE-2019-12874

CVE-2019-12874 affects VLC media player 3.x up to 3.0.7. The Matroska demuxer’s MKV parser has a double free in zlib_decompress_extra, with related MKV processing flaws that can, per advisory texts, lead to a crash or possibly arbitrary code execution. Some sources also describe related DoS risk....

9.8CVSS8AI score0.00897EPSS
Exploits0References8Affected Software1
UbuntuCve
UbuntuCve
added 2019/06/18 12:0 a.m.19 views

CVE-2019-12874

An issue was discovered in zlibdecompressextra in modules/demux/mkv/util.cpp in VideoLAN VLC media player 3.x through 3.0.7. The Matroska demuxer, while parsing a malformed MKV file type, has a double free...

9.8CVSS7.3AI score0.00897EPSS
Exploits0References2
Hacker One
Hacker One
added 2019/02/28 4:23 a.m.27 views

VLC (European Commission - DIGIT): Access Violation Reading EXPLOITABLE_0228

1 Basic info of application 1.1 Info of application Application NamevVLC media player for Windows Application Versionv4.0.0-dev Otto Chriek Download Address: http://nightlies.videolan.org/ Testing OS: Windows 8 2 Info of test file 2.1 Test file info Normal file name: normal.mkv Normal file type:...

4.3CVSS7.2AI score0.00914EPSS
Exploits1
Hacker One
Hacker One
added 2019/02/27 2:45 p.m.40 views

VLC (European Commission - DIGIT): Access Violation Reading in libfaad_plugin

1 Basic info of application 1.1 Info of application Application Name VLC media player for Windows Application Version 4.0.0-dev Otto Chriek Download Address http://nightlies.videolan.org/ Testing OS Windows 8 2 Info of test file 2.1 Test file info Normal file name normal.mkv Normal file type...

5.8CVSS8.1AI score0.01185EPSS
Exploits1
Rows per page
Query Builder