14 matches found
OESA-2026-2665 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: When calculating the...
OESA-2026-2663 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg 4.2 is affected ...
OESA-2026-2662 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: When calculating the...
Linux Distros Unpatched Vulnerability : CVE-2025-59728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call...
SUSE CVE-2025-59728
When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the resolvecontentpath process. An attacker can cause a write operation to occur one byte past the end of a heap-allocated buffer by crafting a specially designed MPEG-DASH manifest that triggers the appending of ...
UBUNTU-CVE-2025-59728
When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...
CVE-2025-59728 Heap-buffer-overflow write in FFmpeg MDASH resolve_content_path
When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...
CVE-2025-59728
CVE-2025-59728 is a FFmpeg memory-handling vulnerability: during dash manifest content path resolution, a heap-buffer-overflow write occurs when appending a trailing '/' in the MDASH resolve_content_path flow, potentially affecting multiple Ubuntu/SUSE advisories referencing FFmpeg. The issue is ...
CVE-2025-59728 Heap-buffer-overflow write in FFmpeg MDASH resolve_content_path
When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...
CVE-2025-59728
When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below 0, it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is...
FFmpeg 安全漏洞
FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg that stems from an out-of-bounds NUL byte write in the content path calculation when processing MPEG-DASH manifests, which could lead to memory...
CVE-2023-34105
SRS (Simple Real-time Server) api-server is vulnerable to drive-by command injection on POST /api/v1/snapshots in versions prior to 5.0.157, 5.0-b1, and 6.0.48, potentially leading to Remote Code Execution (RCE). Connected advisories confirm a fix in 5.0.157, 5.0-b1, and 6.0.48. Mitigate by updat...
SeaWell Networks Spectrum - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: SeaWell Networks Spectrum - Multiple Vulnerabilities Discovered by: Karn Ganeshen Vendor Homepage: http://www.seawellnetworks.com/spectrum/ Versions Reported: Spectrum SDC 02.05.00, Build 02.05.00.0016 CVE-ID: CVE-2015-8282...