65 matches found
CVE-2024-26744 RDMA/srpt: Support specifying the srpt_service_guid parameter
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support specifying the srptserviceguid parameter Make loading ibsrpt with this parameter set work. The current behavior is that setting that parameter while loading the ibsrpt kernel module triggers the following kerne...
The vulnerability of the `pic_parameter_set::dump()` function in the h.265 Libde265 implementation allows a attacker to disclose protected information or cause service failures.
The vulnerability of the picparameterset::dump function in the h.265 Libde265 implementation is related to buffer overflows caused by the parameters numtilecolumns and numtilerow. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information or cause service failures...
DEBIAN-CVE-2023-43887
Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the numtilecolumns and numtilerow parameters in the function picparameterset::dump...
UBUNTU-CVE-2023-43887
Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the numtilecolumns and numtilerow parameters in the function picparameterset::dump...
PT-2023-8875 · Libde265 +4 · Libde265 +4
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.12 Description: The issue is related to a buffer overflow in the pic parameter set::dump function of the h.265 Libde265 video codec, specifically through the num tile columns and num tile row parameters. This could allow ...
Libde265 Security Vulnerability
Libde265 is a German h.265 video codec. A security vulnerability exists in Libde265 version v1.0.12, which originates from the inclusion of multiple buffer overflows via the numtilecolumns and numtilerow parameters in the picparameterset::dump function...
CVE-2022-48434
libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...
CVE-2022-3927
The affected products store both public and private key that are used to sign and protect Custom Parameter Set CPS file from modification. An attacker that manages to exploit this vulnerability will be able to change the CPS file, sign it so that it is trusted as the legitimate CPS file. This iss...
CVE-2022-3927
The affected products store both public and private key that are used to sign and protect Custom Parameter Set CPS file from modification. An attacker that manages to exploit this vulnerability will be able to change the CPS file, sign it so that it is trusted as the legitimate CPS file. This iss...
CVE-2022-3927 The affected products store public and private key that are used to sign and protect custom parameter set files from modification.
The affected products store both public and private key that are used to sign and protect Custom Parameter Set CPS file from modification. An attacker that manages to exploit this vulnerability will be able to change the CPS file, sign it so that it is trusted as the legitimate CPS file. This iss...
GPAC MP4Box 安全漏洞
GPAC MP4Box is multimedia packager. It is mainly used to work with ISOBMF files e.g. MP4, 3GP, but can also be used to import/export media from container files such as AVI, MPG, MKV, MPEG-2 TS. A security vulnerability exists in GPAC MP4Box version 2.1-DEV-rev644-g5c4df2a67, which stems from a...
CVE-2021-46840
The HWKEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access...
CVE-2021-46840
The HWKEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access...
CVE-2021-46840
CVE-2021-46840 affects Huawei HarmonyOS HW_KEYMASTER module, with an out-of-bounds access vulnerability in parameter set verification that could enable attacker-constructed data to trigger an out-of-bounds condition. The issue is described across several sources (NVD/NIST and CNNVD) as a vulnerab...
UBUNTU-CVE-2021-30020
In the function gfhevcreadppsbsinternal function in mediatools/avparsers.c in GPAC 1.0.1 there is a loop, which with crafted file, pps-numtilecolumns may be larger than sizeofpps-columnwidth, which results in a heap overflow in the loop...
PT-2023-15454 · Unknown +1 · Gpac Mp4Box +1
Name of the Vulnerable Software and Affected Versions: GPAC MP4Box version 2.1-DEV-rev644-g5c4df2a67 Description: The issue is related to a buffer overflow in the gf hevc read vps bs internal function, located in the media tools/av parsers.c file at line 8039. This function is part of the GPAC...
DEBIAN-CVE-2018-7752
GPAC through 0.7.1 has a Buffer Overflow in the gfmediaavcreadsps function in mediatools/avparsers.c, a different vulnerability than CVE-2018-1000100...
UBUNTU-CVE-2016-3828
decoder/ih264dapi.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 28835995...
DEBIAN-CVE-2015-8217
The ffhevcparsesps function in libavcodec/hevcps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted High Efficiency Video Coding HEVC da...
DEBIAN-CVE-2014-9319
The ffhevcdecodenalsps function in libavcodec/hevcps.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service out-of-bounds access via a crafted .bit file...