Lucene search
K

346 matches found

OpenVAS
OpenVAS
added 2018/01/26 12:0 a.m.49 views

Debian: Security Advisory (DSA-4099-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01827EPSS
Exploits0References4
Debian
Debian
added 2017/11/27 9:47 p.m.35 views

[SECURITY] [DSA 4049-1] ffmpeg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4049-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 27, 2017 https://www.debian.org/security/faq -...

9.8CVSS9.3AI score0.03332EPSS
Exploits0
CNVD
CNVD
added 2017/11/07 12:0 a.m.5 views

FFmpeg Buffer Out-of-Bounds Read Vulnerability

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. A buffer out-of-bounds read vulnerability exists in the readheader function in libavcodec/ffv1dec.c in 3.3.4 and earlier versions of Ffmpeg. An...

8.8CVSS7.8AI score0.02EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/10/11 12:0 a.m.39 views

Debian DSA-3996-1 : ffmpeg - security update

Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if malformed Real, MV, RL2, ASF, Apple HLS, Phantom Cine, MXF, NSV, MOV or RTP H.264 files/streams are processed. %NASLMINLEVEL...

8.8CVSS6.8AI score0.02712EPSS
Exploits0References15
Debian
Debian
added 2017/10/10 7:23 p.m.41 views

[SECURITY] [DSA 3996-1] ffmpeg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3996-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 10, 2017 https://www.debian.org/security/faq -...

8.8CVSS8.2AI score0.02712EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/10/09 12:0 a.m.31 views

Debian: Security Advisory (DSA-3996-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.02712EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/09/28 12:0 a.m.6 views

The vulnerability of the multimedia framework of the Android operating system allows a perpetrator to gain access to protected data or execute arbitrary code.

The vulnerability of the multimedia framework of the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected data or execute arbitrary code within a privileged process...

7.8CVSS7.5AI score0.0046EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2017/09/08 12:0 a.m.3 views

Google Android Media Framework Remote Code Execution Vulnerability (CNVD-2017-31363)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. media framework libavc is one of the frameworks used for multimedia development. A remote code execution vulnerability exists in Media Framework libavc in Android. A remote attacke...

9.3CVSS8.3AI score0.01323EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/10 12:0 a.m.3 views

Unspecified vulnerability in Ffmpeg (CNVD-2017-20994)

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. There is an unspecified vulnerability in Ffmpeg, and no detailed vulnerability details are provided at this time...

9.8CVSS6.8AI score0.01629EPSS
Exploits0References1
OSV
OSV
added 2017/07/28 5:29 a.m.1 views

DEBIAN-CVE-2017-11719

The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a crafted DNxHD file...

7.8CVSS8AI score0.01736EPSS
Exploits0References1
OSV
OSV
added 2017/04/25 3:59 a.m.3 views

CVE-2017-5051

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer...

8.8CVSS7.4AI score0.00844EPSS
Exploits0References2
OSV
OSV
added 2017/02/09 3:59 p.m.1 views

DEBIAN-CVE-2016-10191

Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches...

9.8CVSS9.8AI score0.07457EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2016/12/23 5:59 a.m.3 views

CVE-2016-7502

The cavsidct8addc function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavsdecode...

7.8CVSS5.5AI score0.01376EPSS
Exploits0References4
myhack58
myhack58
added 2016/11/22 12:0 a.m.35 views

Ubuntu system actually exists Nintendo red and white game machine vulnerability-vulnerability warning-the black bar safety net

Recently security researchers Evans in the Ubuntu system found a very interesting vulnerability, this vulnerability also with Nintendo the year of the 8-bit consoles(NES, or FC. Evans said that in Ubuntu 12.04.5 version of the multimedia framework in the presence of a vulnerability, the...

0.8AI score
Exploits0
OSV
OSV
added 2016/02/12 5:59 a.m.4 views

UBUNTU-CVE-2016-2328

libswscale/swscaleunscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service out-of-bounds array read access or possibly have unspecified other impact via a crafted .cine file, related to the bayertorgb24wrapper and...

8.8CVSS7.4AI score0.02567EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2015/12/30 12:0 a.m.41 views

GStreamer: User-assisted execution of arbitrary code

Background GStreamer is an open source multimedia framework. Description A buffer overflow vulnerability has been found in the parsing of H.264 formatted video. Impact A remote attacker could entice a user to open a specially crafted H.264 formatted video using an application linked against...

6.8CVSS8.1AI score0.0544EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2015/12/14 12:0 a.m.11 views

The vulnerability of the FFmpeg multimedia library, which allows a hacker to trigger a service failure

The vulnerability in the decodeuncompressed function in the libavcodec/faxcompr.c multimedia library of FFmpeg exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures by using specially crafted CCITT FAX data...

6.8CVSS7.7AI score0.01773EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2015/09/06 2:59 a.m.6 views

UBUNTU-CVE-2015-6823

The allocatebuffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service segmentation violation or possibly have unspecified other impact via crafted Apple Lossless Audio Codec ALAC data...

7.5CVSS7.4AI score0.02412EPSS
Exploits0References2
OSV
OSV
added 2014/11/05 11:55 a.m.2 views

DEBIAN-CVE-2014-8549

libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted On2 data...

7.5CVSS7.3AI score0.02395EPSS
Exploits0References1
seebug.org
seebug.org
added 2012/11/13 12:0 a.m.69 views

Apple QuickTime 视频文件缓冲区溢出漏洞

CVE ID: CVE-2012-3756 QuickTime是由苹果电脑所开发的一种多媒体架构,能够处理许多的数字视频、媒体段落、音效、文字、动画、音乐格式,以及交互式全景影像的数项类型。 QuickTime在处理特制PM4文件内的'rnet'框时存在缓冲区溢出漏洞,可导致应用意外终止或任意代码执行。 0 Apple Quicktime 7.x 厂商补丁: Apple ----- 请更新到QuickTime 7.7.3: APPLE-SA-2012-11-07-1:QuickTime 7.7.3 链接:http://www.apple.com/quicktime/download/...

9.3CVSS6.4AI score0.05562EPSS
Exploits2
Rows per page
Query Builder