Lucene search
K

2218 matches found

CVE
CVE
added 4 days ago9 views

CVE-2026-12123

CVE-2026-12123 describes a Server-Side Request Forgery in the WordPress plugin All-in-One Video Gallery (versions

6.4CVSS6AI score0.00246EPSS
Exploits0References12
NVD
NVD
added 2026/07/06 12:16 p.m.9 views

CVE-2025-15667

A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerability affects the function gfisomnalusamplerewrite of the file src/isomedia/avcext.c of the component MP4Box. This manipulation of the argument naluoutbs causes double free. It is possible to launch the attack on the local host. T...

4.8CVSS0.00112EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.12 views

PT-2026-55929

Name of the Vulnerable Software and Affected Versions GPAC versions prior to 2.5-DEV Description A double free occurs in the MP4Box component within the gf isom nalu sample rewrite function located in the src/isomedia/avc ext.c file. This issue is triggered by the manipulation of the nalu out bs...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References12
EUVD
EUVD
added 2026/07/02 12:31 a.m.8 views

EUVD-2026-41218

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 12:31 a.m.9 views

EUVD-2026-41217

An access violation in the BaseSplitterFile::Read function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References3
NVD
NVD
added 2026/07/01 10:16 p.m.6 views

CVE-2026-36909

A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

6.2CVSS0.0012EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 10:16 p.m.7 views

CVE-2026-36911

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS0.00111EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 10:16 p.m.6 views

CVE-2026-36910

An access violation in the BaseSplitterFile::Read function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS0.00113EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 10:16 p.m.4 views

CVE-2026-36912

A NULL pointer dereference in the AP4AtomSampleTable::GetSample function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

7.5CVSS0.00343EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.33 views

CVE-2026-36909

A NULL pointer dereference in the AP4TkhdAtom::GetTrackId function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.0012EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 12:0 a.m.34 views

CVE-2026-36910

An access violation in the BaseSplitterFile::Read function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

0.00113EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 12:0 a.m.5 views

CVE-2026-36911

A division-by-zero vulnerability in the CStreamSwitcherOutputPin::DecideBufferSize function of Aleksoid1978 MPC-BE before commit 4341cb3 allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.8AI score0.00111EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 12:0 a.m.13 views

CVE-2026-36911

Summary of CVE-2026-36911 (MPC-BE) : A division-by-zero vulnerability exists in the file parsing/processing path: the function CStreamSwitcherOutputPin::DecideBufferSize in MPC-BE (before commit 4341cb3). This can be triggered by a crafted MP4 file, leading to a Denial of Service . Affected softw...

5.5CVSS5.8AI score0.00111EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.11 views

PT-2026-54757

Name of the Vulnerable Software and Affected Versions Aleksoid1978 MPC-BE versions prior to commit 4341cb3 Description A NULL pointer dereference occurs in the AP4 AtomSampleTable::GetSample function. This issue allows an attacker to trigger a Denial of Service DoS by providing a specially crafte...

7.5CVSS5.9AI score0.00343EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/26 12:0 a.m.5 views

CVE-2026-36907

A stack overflow in the AP4StsdAtom::AP4StsdAtom component of axiomatic-systems Bento4 before v1.8.9allows attackers to cause a Denial of Service DoS via a crafted MP4 file...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References3
CVE
CVE
added 2026/06/26 12:0 a.m.13 views

CVE-2026-36908

CVE-2026-36908 affects Bento4 prior to v1.8.9, where a stack overflow in AP4_Array::EnsureCapacity can lead to DoS via a crafted MP4 file. The available documents confirm the component and impact but do not provide explicit remediation steps or exploitation details. Further details on fixes are n...

5.5CVSS5.8AI score0.00142EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 12:17 a.m.8 views

CVE-2025-60473

A NULL pointer dereference in the gffilterinparentchain function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

5.5CVSS0.00141EPSS
Exploits1References6
CVE
CVE
added 2026/06/25 12:0 a.m.12 views

CVE-2025-60464

GPAC MP4Box contains a use-after-free in gf_sei_load_from_state_internal (in /filters/sei_load.c) affecting builds before 26.02.0. This vulnerability can allow a Denial of Service when processing a crafted MPEG-2 TS file. The issue is described across multiple sources (NVD/NVD variant, AttackersK...

7.8CVSS5.9AI score0.00144EPSS
Exploits1References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

Oracle Linux 9 : nginx (ELSA-2026-19374)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-19374 advisory. - Resolves: RHEL-176232 - nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 - RHEL-159560 CVE-2026-27654 nginx: NGINX: Denial of Service or...

9.2CVSS6.5AI score0.61469EPSS
Exploits40References2
Oracle linux
Oracle linux
added 2026/06/24 12:0 a.m.7 views

nginx:1.24 security update

1.24.0-3.0.1.2 - Remove Red Hat references Orabug: 29498217 1:1.24.0-3.2 - Resolves: RHEL-178676 - nginx:1.24/nginx: code execution and denial of service CVE-2026-9256 - Resolves: RHEL-182543 - nginx: HTTP/2: Remote Denial of Service via compression bomb and Slowloris-style attack 1:1.24.0-3.1 -...

9.2CVSS6.6AI score0.99999EPSS
Exploits72
Rows per page
Query Builder