PT-2026-36782

A weakness has been identified in justdan96 tsMuxer up to 2.7.0. This vulnerability affects the function HevcVpsUnit::setFPS of the file /AFLplusplus/tsMuxer prev/tsMuxer/hevc.cpp. This manipulation of the argument track id causes denial of service. The attack requires local access. The exploit h...

Linux Distros Unpatched Vulnerability : CVE-2016-3863

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in libstagefright in MediaMuxer in Android 4.x before 4.4.4, 5.0.x befo...

PT-2022-25861 · Bento4 · Bento4

Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: A memory leak was discovered in the AP4 AvcFrameParser::Feed function in mp4mux. Recommendations: For Bento4 version 1.6.0-639, consider updating to a newer version that contains a fix for this issue,...

CVE-2021-45860

An integer overflow in DTSStreamReader::findFrame of tsMuxer git-2678966 allows attackers to cause a Denial of Service DoS via a crafted file...

CVE-2021-45861

There is an Assertion num = INTBIT' failed at BitStreamReader::skipBits in /bitStream.h:132 of tsMuxer git-c6a0277...

CVE-2021-21940

A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted network packet can lead to a heap buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2021-21941

A use-after-free vulnerability exists in the pushMuxer CreatePushThread functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted set of network packets can lead to remote code execution...

Anker Eufy Homebase 缓冲区错误漏洞

Anker Eufy Homebase is a wireless home security camera system from Eufy USA. A buffer error vulnerability exists in Anker Eufy Homebase that stems from the product's pushMuxer processRtspInfo failing to properly handle incoming special network packets. An attacker could cause a buffer overflow vi...

openSUSE Security Update : ffmpeg-4 (openSUSE-2020-24)

This update for ffmpeg-4 fixes the following issues : ffmpeg-4 was updated to version 4.0.5, fixes boo1133153 - CVE-2019-11339: The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 allowed remote attackers to cause a denial of service out-of-array access or possibly have...

CVE-2016-3863

Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in libstagefright in MediaMuxer in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 allow remote attackers to execute arbitrary code via a...

Updated ffmpeg packages fix security vulnerabilities

The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.0.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...

CVE-2014-2263

The mpegtswritepmt function in the MPEG2 transport stream aka DVB muxer libavformat/mpegtsenc.c in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write...

CVE-2014-2263

The mpegtswritepmt function in the MPEG2 transport stream aka DVB muxer libavformat/mpegtsenc.c in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write...

Code injection

BEA WebLogic Server 6.1 through 6.1 SP7, 7.0 through 7.0 SP6, 8.1 through 8.1 SP5, and 9.0 allows remote attackers to cause a denial of service server hang via certain requests that cause muxer threads to block when processing error pages...