43 matches found

OSV
added 2026/06/24 1:10 p.m. · 4 views

OESA-2026-2697 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: An out-of-bounds write...

CVSS 8.8 · AI score 6.1 · EPSS 0.00477
Exploits 3 · References 2
AstraLinux
added 2026/06/19 11:10 a.m. · 4 views

Astra Linux – Vulnerability in ffmpeg

There is a heap-based Buffer Overflow vulnerability in gaussianblur at libavfilter/vfedgedetect.c, which may lead to memory corruption and other potential issues...

CVSS 8.8 · AI score 6.8 · EPSS 0.01833
Exploits 1 · References 2
AstraLinux
added 2026/06/19 11:10 a.m. · 3 views

Astra Linux – Vulnerability in qpdf

In QPDF 8.2.1, within libqpdf/QPDFWriter.cc, the functions QPDFWriter::unparseObject and QPDFWriter::unparseChild contain recursive calls that last for a long time. This allows remote attackers to cause a denial of service by using a crafted PDF file...

CVSS 4.3 · AI score 5.8 · EPSS 0.01281
Exploits 1 · References 2
AstraLinux
added 2026/06/19 11:10 a.m. · 4 views

Astra Linux – Vulnerability in SOX

A vulnerability was discovered in SoX, where a heap buffer overflow occurs in the startread function in the hcom.c file. This vulnerability can be exploited by using a specially crafted hcomn file, which may cause the application to crash...

CVSS 5.5 · AI score 7.4 · EPSS 0.00431
Exploits 1 · References 2
AstraLinux
added 2026/06/19 11:10 a.m. · 6 views

Astra Linux – Vulnerability in ffmpeg

In FFmpeg 4.4, the adtsdecodeextradata function in libavformat/adtsenc.c does not check the return value of initgetbits. This is a necessary step, as the second argument of initgetbits can be manipulated...

CVSS 9.8 · AI score 7.1 · EPSS 0.02411
Exploits 0 · References 2
Tenable Nessus
added 2026/06/02 12:0 a.m. · 10 views

Linux Distros Unpatched Vulnerability : CVE-2025-60483

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference in the gfac4presb4backchannelspresent function /mediatools/avparsers.c of GPAC Project/MP4Box before 26.02.0 allows attackers to caus...

CVSS 5.5 · AI score 5.8 · EPSS 0.00143
Exploits 0 · References 3
Tenable Nessus
added 2026/05/22 12:0 a.m. · 9 views

Unity Linux 20.1050e / 20.1070e Security Update: sox (UTSA-2026-016770)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016770 advisory. An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h startread function, there is an integer overflow on the result of integer addition wraparound to 0 fe...

CVSS 5.5 · AI score 6.8 · EPSS 0.01059
Exploits 1 · References 4
RedHat Linux
added 2026/05/18 12:48 p.m. · 13 views

jq: jq: Denial of Service via crafted JSON object causing hash collisions

A flaw was found in jq, a command-line JSON processor. A remote attacker could exploit this vulnerability by providing a specially crafted JSON object. This object leverages a weakness in jq's hashing algorithm, which uses a hardcoded, publicly known seed. By crafting the JSON object to cause has...

CVSS 7.5 · AI score 5.8 · EPSS 0.00366
Exploits 0 · References 6
Fedora
added 2026/04/13 9:7 p.m. · 8 views

[SECURITY] Fedora 44 Update: siril-1.4.2-3.fc44

Siril is an image processing tool specially tailored for noise reduction and improving the signal/noise ratio of an image from multiple captures, as required in astronomy. Siril can align automatically or manually, stack and enhance pictures from various file formats, even images sequences movies...

CVSS 9.8 · AI score 5.8 · EPSS 0.00735
Exploits 3
CNNVD
added 2026/04/05 12:0 a.m. · 9 views

AnyBurn Security Vulnerability

AnyBurn is a disc burning and image processing tool developed by AnyBurn Corporation. The AnyBurn 4.3 x86 version contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the image conversion function, which could allow local attackers to cause the...

CVSS 6.8 · AI score 5.8 · EPSS 0.00189
Exploits 1 · References 3
EUVD
added 2026/03/12 2:8 p.m. · 6 views

EUVD-2026-10371

ImageMagick has Integer Overflow leading to out of bounds write in SIXEL decoder...

CVSS 6.5 · AI score 5.8 · EPSS 0.00194
Exploits 0 · References 3
NVD
added 2026/02/24 1:16 a.m. · 13 views

CVE-2026-24484

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

CVSS 5.3 · EPSS 0.00401
Exploits 0 · References 3
OSV
added 2025/12/22 10:16 p.m. · 7 views

CVE-2023-53981

PhotoShow 3.0 contains a remote code execution vulnerability that allows authenticated administrators to inject malicious commands through the exiftran path configuration. Attackers can exploit the ffmpeg configuration settings by base64 encoding a reverse shell command and executing it through a...

CVSS 7.2 · AI score 6.4 · EPSS 0.00796
Exploits 1 · References 4
OSV
added 2025/10/19 7:8 p.m. · 5 views

JLSEC-2025-150 A vulnerability was found in FFmpeg up to 7.1

A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function movreadtrak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The...

CVSS 5.5 · AI score 6 · EPSS 0.00296
Exploits 1 · References 7
Positive Technologies
added 2025/07/16 12:0 a.m. · 5 views

PT-2025-33660 · Gnu +1 · Gpac +1

A vulnerability in the gf ac4 pres b 4 back channels present function of the MP4Box utility of the GPAC multimedia platform is caused by a NULL pointer dereference. Exploitation of the vulnerability may allow an attacker to cause a denial of service...

CVSS 4.9 · AI score 7.2
Exploits 0 · References 4
BDU FSTEC
added 2025/05/30 12:0 a.m. · 7 views

The vulnerability of the Mongo fragment processing tool for MongoDB database management systems allows a hacker to induce a service failure.

The vulnerability of the Mongo fragment processing tool for MongoDB database management systems is related to an error in handling exceptional states. Exploiting this vulnerability allows a malicious actor to cause service failures using a specially created protocol called Wire...

CVSS 7.8 · AI score 6.3 · EPSS 0.00398
Exploits 0 · References 6 · Affected Software 2
RedhatCVE
added 2025/03/05 8:15 p.m. · 9 views

CVE-2025-25301

Rembg is a tool to remove images background. In Rembg 2.0.57 and earlier, the /api/remove endpoint takes a URL query parameter that allows an image to be fetched, processed and returned. An attacker may be able to query this endpoint to view pictures hosted on the internal network of the rembg...

CVSS 7.5 · AI score 6.8 · EPSS 0.00485
Exploits 1 · References 1
AlpineLinux
added 2024/04/17 7:15 p.m. · 4 views

CVE-2024-31585

FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avfshowspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 5.3 · AI score 7.3 · EPSS 0.00279
Exploits 0 · References 12
BDU FSTEC
added 2023/07/20 12:0 a.m. · 5 views

The vulnerability of the libqpdf/QPDWriter.cc utility for command-line processing of PDF documents allows a malicious actor to cause service interruptions.

The vulnerability of the libqpdf/QPDWriter.cc command-line utility for converting PDF documents is related to an uncontrolled recursion. Exploiting this vulnerability allows a malicious actor to cause service interruptions by using a specially created PDF file...

CVSS 5 · AI score 5.4 · EPSS 0.01281
Exploits 1 · References 8 · Affected Software 4
ATTACKERKB
added 2023/07/10 6:15 p.m. · 3 views

CVE-2023-26590

A floating point exception vulnerability was found in sox, in the lsxaiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service...

CVSS 6.2 · AI score 6.2 · EPSS 0.00207
Exploits 0 · References 3