Lucene search
K

7 matches found

NVD
NVD
added 2026/06/17 1:20 p.m.6 views

CVE-2026-48055

Streambert is a cross-platform Electron Desktop App to stream and download any video media. In versions 2.4.0 and prior, a high-severity Zip Slip vulnerability was identified in Streambert's subtitle extraction logic. The application does not sanitize archive entry filenames during extraction,...

10CVSS0.00621EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 9:17 p.m.16 views

CVE-2026-48055 Streambert: Arbitrary File Write (Zip Slip) via Subtitle Extraction

Streambert is a cross-platform Electron Desktop App to stream and download any video media. In versions 2.4.0 and prior, a high-severity Zip Slip vulnerability was identified in Streambert's subtitle extraction logic. The application does not sanitize archive entry filenames during extraction,...

10CVSS0.00621EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 9:17 p.m.12 views

CVE-2026-48055

Streambert (Electron-based desktop app) has a Zip Slip vulnerability in its subtitle extraction logic affecting versions up to 2.4.0. The code concatenates raw archive entry names to a temporary directory, enabling path traversal and arbitrary file writes if a malicious ZIP with traversal sequenc...

10CVSS5.4AI score0.00621EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-50120

Streambert is a cross-platform Electron Desktop App to stream and download any video media. In versions 2.4.0 and prior, a high-severity Zip Slip vulnerability was identified in Streambert's subtitle extraction logic. The application does not sanitize archive entry filenames during extraction,...

10CVSS5.5AI score0.00621EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/04/14 12:0 a.m.5 views

The vulnerability of the AVI_ExtractSubtitle component of the VLC Media Player allows a hacker to gain access to confidential data and also trigger a service failure.

The vulnerability of the AVIExtractSubtitle component in the VLC Media Player media player is related to the copying of buffers without checking the input data. Exploiting this vulnerability allows a remote attacker to gain access to confidential data and also cause a service failure by using a...

8.8CVSS7.3AI score0.00741EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2021/07/26 5:15 p.m.3 views

UBUNTU-CVE-2021-25802

A buffer overflow vulnerability in the AVIExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file...

7.1CVSS7.5AI score0.00741EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/07/26 12:0 a.m.4 views

VideoLAN VLC Media Player 缓冲区错误漏洞

VideoLAN VLC is an open source cross-platform multimedia player and framework that can play most multimedia files, as well as DVDs, audio CDs, VCDs, and various streaming protocols. a buffer overflow vulnerability exists in the AVIExtractSubtitle component of VideoLAN VLC version 3.0.11, which ca...

7.1CVSS6AI score0.00741EPSS
Exploits0References3
Rows per page
Query Builder