Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 4 : firefox-38.2.0-4.0.1.AXS4 (AXSA:2015-442:07)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2015-442:07 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. With this update, following issues are...

10CVSS8.5AI score0.09027EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2018-5253

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The AP4FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling. CVE-2018-5253 Note...

7.8CVSS7.2AI score0.01007EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2021-30199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In filters/reframelatm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gffilterpckgetdata is called. The first arg pck may be null with a crafted mp4...

5.5CVSS6.5AI score0.00868EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2025/03/26 2:9 p.m.8 views

nginx: specially crafted MP4 file may cause denial of service

A flaw was found in the ngxhttpmp4module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service...

5.7CVSS7.5AI score0.0032EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/02/19 12:0 a.m.3 views

Bento4 安全漏洞

Bento4 is an open source C++ library for reading and writing MP4 files from Axiomatic Systems. A security vulnerability exists in Bento4 version v1.6.0-641, which originates from an information leak in Ap4DescriptorFactory.cpp...

6.5CVSS6.5AI score0.00351EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:18 a.m.3 views

SUSE CVE-2015-4480

Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via crafted MPEG-4 video data with H.264 encoding...

9.3CVSS9.5AI score0.05715EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.2 views

SUSE CVE-2015-4493

Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows remote attackers to execute arbitrary code via an invalid size field in an esds chunk in MPEG-4 video data, a related issue to...

9.3CVSS9.7AI score0.07357EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/10/26 12:0 a.m.5 views

Bento4 缓冲区错误漏洞

Bento4 is an open source C++ library for reading and writing MP4 files. A security vulnerability exists in Bento4 that stems from the presence of a heap-based buffer overflow problem...

7.5CVSS7.5AI score0.01084EPSS
Exploits1References4
OSV
OSV
added 2021/08/12 6:15 p.m.3 views

CVE-2021-36937

Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability...

7.8CVSS7.2AI score0.02104EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/04/16 12:0 a.m.4 views

The vulnerability of the mpeg4decode_studio_block() function in the FFmpeg multimedia library allows a attacker to cause a service failure.

The vulnerability of the mpeg4decodestudioblock function in the FFmpeg multimedia library relates to reading data beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause service failures by using specially created MPEG-4 video files...

9.3CVSS7.8AI score0.02751EPSS
Exploits0References7Affected Software3
RedHat Linux
RedHat Linux
added 2018/11/27 9:18 a.m.11 views

nginx: Denial of service and memory disclosure via mp4 module

An instance of missing input sanitization was found in the mp4 module for nginx. A local attacker could create a specially crafted video file that, when streamed by the server, would cause a denial of service server crash or hang and, possibly, information disclosure...

8.2CVSS7.3AI score0.09801EPSS
Exploits1References5
OSV
OSV
added 2015/12/15 12:0 a.m.2 views

UBUNTU-CVE-2015-7222

Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service incorrect memory allocation and application crash via an MP4 video...

6.8CVSS7.7AI score0.04269EPSS
Exploits0References4
CNVD
CNVD
added 2015/08/19 12:0 a.m.3 views

Mozilla Firefox MPEG4 Video Processing Buffer Overflow Vulnerability (CNVD-2015-05454)

Mozilla Firefox is an open source WEB browser. A buffer overflow vulnerability exists in Mozilla Firefox's handling of MPEG4 video, which allows remote attackers to construct a malicious web page and trick the user into parsing it, which could crash the application or execute arbitrary code...

9.3CVSS9.4AI score0.07357EPSS
Exploits0References1
CNVD
CNVD
added 2015/08/19 12:0 a.m.3 views

Mozilla Firefox MPEG4 Video Processing Buffer Overflow Vulnerability (CNVD-2015-05453)

Mozilla Firefox is an open source WEB browser. An integer overflow vulnerability exists in Mozilla Firefox's handling of MPEG4 video, which allows remote attackers to construct a malicious web page and trick users into parsing it, which could crash the application or execute arbitrary code...

9.3CVSS9.3AI score0.05715EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2015/08/11 7:47 p.m.2 views

Mozilla: Overflow issues in libstagefright (MFSA 2015-83)

Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data...

10CVSS7.8AI score0.09027EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2009/06/19 12:0 a.m.4 views

PT-2009-3541 · Apple +1 · Ios +1

Name of the Vulnerable Software and Affected Versions: Apple iPhone OS versions 1.0 through 2.2.1 Apple iPhone OS for iPod touch versions 1.1 through 2.2.1 Description: The issue is related to the MPEG-4 video codec, which allows remote attackers to cause a denial of service, resulting in a devic...

7.1CVSS6.5AI score0.02508EPSS
Exploits0References8
Rows per page
Query Builder