CVE-2025-56316

A SQL injection vulnerability in the contenttitle parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template rendering...

QNAP Systems Photo Station 跨站脚本漏洞

QNAP Systems Photo Station is an online photo album from QNAP Systems, Inc. It is used to organize multimedia content photos and videos on Qnap Nas. A cross-site scripting vulnerability exists in QNAP Systems Photo Station that stems from susceptibility to cross-site scripting attacks...

Moderate: grilo security update

Grilo is a framework that provides access to different sources of multimedia content, using a pluggable system. The grilo package contains the core library and elements. Security Fixes: grilo: missing TLS certificate verification CVE-2021-39365 For more details about the security issues, includin...

grilo security update

An update is available for grilo. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grilo is a framework that provides access to different sources of multimedia...

Fedora: Security Advisory for grilo (FEDORA-2021-301dfb76b3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-202007-4] ffmpeg: arbitrary code execution

Arch Linux Security Advisory ASA-202007-4 ========================================= Severity: High Date : 2020-07-31 CVE-ID : CVE-2020-13904 Package : ffmpeg Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1180 Summary ======= The package ffmpeg before versi...

[ASA-201702-10] ffmpeg: arbitrary code execution

Arch Linux Security Advisory ASA-201702-10 ========================================== Severity: Critical Date : 2017-02-12 CVE-ID : CVE-2017-5024 CVE-2017-5025 Package : ffmpeg Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-172 Summary ======= The package...

[SECURITY] Fedora 23 Update: drupal6-emfield-2.7-1.fc23

This extensible module will create fields for content types that can be use d to display video, image, and audio files from various third party providers. W hen entering the content, the user will simply paste the URL or embed code from the third party, and the module will automatically determine...

How to Auto-BackUp Your WhatsApp Data to Google Drive with Encryption

What if your phone suddenly slips into a bathtub? Maybe you'll end up losing all your important data, more specifically, your WhatsApp photos, videos, Voice Notes and Chat Data that flows through your chats. Sounds scary, isn't it? But, now you need not worry if your phone suddenly died or broke ...

Apple iPhone Browsing

The iPhone is a line of Internet and multimedia-enabled smartphones designed and marketed by Apple Inc. An iPhone functions as a video camera, camera phone with text messaging and visual voicemail, a portable media player, and an Internet client with e-mail, Web browsing, and both Wi-Fi and 3G...

Microsoft DirectX SAMI parsing buffer overflow

Overview Microsoft DirectX is vulnerable to a stack-based buffer overflow. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft DirectX is a feature of the Microsoft Windows operating system used for streaming...

Microsoft DirectX remote code execution

Overview Microsoft DirectX is vulnerable to a remote code execution vulnerability which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft DirectX is a feature of the Microsoft Windows operating system used for streaming multimedia...

Flash Player Detection

There is at least one instance of Adobe Flash Player installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid28211; scriptversion"1.28"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10"; scriptxrefname:"IAVT",...

Allow embedding multimedia content located on remote servers

Re: CSP-8387 Currently, when embedding multimedia content on Confluence you are restricted to embedding files located on the Confluence server. The page http://confluence.atlassian.com/display/CONF20/Embedding+Multimedia+Content singles out "security reasons" as the reason for this limitation. In...