Lucene search
K

2236 matches found

Vulnrichment
Vulnrichment
added 2026/02/02 10:59 p.m.3 views

CVE-2025-6595

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from before 1.39.13, 1.42.7, 1.43.2, 1.44.0...

5.3AI score0.0027EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/02 10:59 p.m.4 views

CVE-2025-6595

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MultimediaViewer.This issue affects MultimediaViewer: from before 1.39.13, 1.42.7, 1.43.2, 1.44.0...

5.3AI score0.0027EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/01/26 3:2 a.m.6 views

CVE-2026-1416

A security flaw has been discovered in GPAC up to 2.4.0. Affected by this vulnerability is the function DumpMovieInfo of the file applications/mp4box/filedump.c. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released...

4.8CVSS4AI score0.00196EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.7 views

PT-2026-4718

A vulnerability was identified in GPAC up to 2.4.0. Affected is the function gf media export webvtt metadata of the file src/media tools/media export.c. The manipulation of the argument Name leads to null pointer dereference. The attack must be carried out locally. The exploit is publicly availab...

4.8CVSS5.5AI score0.00153EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.7 views

GPAC code-related vulnerabilities

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 2.4.0 have code vulnerabilities, which stem from a null pointer dereferencing in the file applications/mp4box/filedump.c...

4.8CVSS5.8AI score0.00196EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.5 views

GPAC code-related vulnerabilities

GPAC is an open-source multimedia framework developed by GPAC. Versions of GPAC prior to 2.4.0 have code vulnerabilities, which stem from a null pointer dereferencing in the file applications/mp4box/filedump.c...

4.8CVSS5.8AI score0.00196EPSS
Exploits1References6
The Hacker News
The Hacker News
added 2026/01/21 3:42 p.m.8 views

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of-service DoS and remote code execution. The most severe of the lot is a critical security flaw impacting Zoom Node Multimedia Routers MMRs that could permit a meeting...

9.9CVSS7AI score0.12965EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/01/20 1:57 p.m.6 views

CVE-2026-22844

A Command Injection vulnerability in Zoom Node Multimedia Routers MMRs before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access...

9.9CVSS6.7AI score0.12965EPSS
Exploits0References2
CVE
CVE
added 2026/01/20 1:57 p.m.17 views

CVE-2026-22844

CVE-2026-22844 is a command injection vulnerability in Zoom Node Multimedia Routers (MMRs) prior to version 5.2.1716.0. A meeting participant could achieve remote code execution on the MMR via network access, potentially compromising hybrid/connector deployments. Affected: Zoom Node MMR modules i...

9.9CVSS6.4AI score0.12965EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/20 1:57 p.m.9 views

CVE-2026-22844 Zoom Node Deployments - Command Injection

A Command Injection vulnerability in Zoom Node Multimedia Routers MMRs before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access...

9.9CVSS6.5AI score0.12965EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/20 12:28 a.m.37 views

SUSE CVE-2025-51602

mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server...

4.8CVSS5.4AI score0.00368EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.7 views

PT-2026-3570

Name of the Vulnerable Software and Affected Versions Zoom Node Multimedia Routers MMRs versions prior to 5.2.1716.0 Description A critical command injection flaw exists in Zoom Node Multimedia Routers MMRs. This flaw allows a meeting participant to conduct remote code execution RCE on the MMR vi...

9.9CVSS6.7AI score0.12965EPSS
Exploits0References33
CNVD
CNVD
added 2026/01/19 12:0 a.m.3 views

GPAC pcmreframe_flush_packet function stack buffer overflow vulnerability

GPAC is an open source multimedia framework. GPAC has a stack buffer overflow vulnerability that stems from the pcmreframeflushpacket function failing to properly validate the length and size of the input data, which can be exploited by an attacker to cause a denial of service...

5.5CVSS6.1AI score0.00141EPSS
Exploits1References1
CNVD
CNVD
added 2026/01/19 12:0 a.m.4 views

GPAC dump_ttxt_sample function stack buffer overflow vulnerability

GPAC is an open source multimedia framework. GPAC has a stack buffer overflow vulnerability , the vulnerability stems from the dumpttxtsample function fails to correctly validate the length of the input data size , an attacker can use this vulnerability to cause a denial of service...

7.5CVSS6.1AI score0.00433EPSS
Exploits1References1
CNVD
CNVD
added 2026/01/19 12:0 a.m.8 views

GPAC vorbis_to_intern function stack buffer overflow vulnerability

GPAC is an open source multimedia framework. GPAC suffers from a stack buffer overflow vulnerability that stems from the vorbistointern function failing to correctly validate the length and size of the input data, which can be exploited by an attacker to cause a denial of service...

5.5CVSS6.1AI score0.00141EPSS
Exploits1References1
NVD
NVD
added 2026/01/16 6:16 p.m.6 views

CVE-2025-51602

mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server...

4.8CVSS0.00368EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/16 3:28 a.m.6 views

CVE-2025-67823

A vulnerability in the Multimedia Email component of Mitel MiContact Center Business through 10.2.0.10 and Mitel CX through 1.1.0.1 could allow an unauthenticated attacker to conduct a Cross-Site Scripting XSS attack due to insufficient input validation. A successful exploit requires user...

8.2CVSS6.3AI score0.00292EPSS
Exploits0References1
CVE
CVE
added 2026/01/16 12:0 a.m.27 views

CVE-2025-51602

CVE-2025-51602 affects VideoLAN VLC media player prior to 3.0.22. The vulnerability is an out-of-bounds read in mmstu.c that can lead to a denial of service when processing a crafted 0x01 response from an MMS server. Exploitation details are not provided beyond the MMS-triggered read/DoS describe...

4.8CVSS6.3AI score0.00368EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/16 12:0 a.m.23 views

CVE-2025-51602

mmstu.c in VideoLAN VLC media player before 3.0.22 allows an out-of-bounds read and denial of service via a crafted 0x01 response from an MMS server...

4.8CVSS0.00368EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/15 12:0 a.m.6 views

GPAC 安全漏洞

GPAC is an open source multimedia framework. GPAC suffers from a heap buffer overflow vulnerability that stems from the ghidmxdeclareopidbin function failing to properly validate the length size of the input data, which can be exploited by an attacker to cause a denial of service...

5.5CVSS5.9AI score0.00188EPSS
Exploits1References2
Rows per page
Query Builder