Lucene search
K

593 matches found

Amazon
Amazon
added 2026/04/01 12:0 a.m.6 views

Important: gstreamer1-plugins-bad-free

Issue Overview: Various out-of-bounds reads and writes in the DVB subtitle decoder that can cause crashes for certain input files. CVE-2026-2923 GStreamer JPEG Parser Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary co...

7.8CVSS7.5AI score0.00787EPSS
Exploits0
Snyk
Snyk
added 2026/03/13 10:41 p.m.3 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the handling of coordinates due to insufficient validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can achieve arbitrary code execution by enticing a use...

8.5CVSS7.7AI score0.00729EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/26 4:16 a.m.8 views

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

9.6CVSS6.1AI score0.00323EPSS
Exploits0References1
EUVD
EUVD
added 2026/02/25 6:31 p.m.13 views

EUVD-2025-208115

An arbitrary file upload vulnerability in the subtitle loading function of asbplayer v1.13.0 allows attackers to execute arbitrary code via uploading a crafted subtitle file...

6AI score0.00323EPSS
Exploits0References4
NVD
NVD
added 2026/02/25 4:23 p.m.7 views

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

9.6CVSS0.00323EPSS
Exploits0References2
OSV
OSV
added 2026/02/25 4:23 p.m.5 views

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

9.6CVSS6.1AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/02/25 12:0 a.m.3 views

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

9.6CVSS6.1AI score0.00323EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/25 12:0 a.m.21 views

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

0.00323EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/25 12:0 a.m.3 views

CVE-2025-69771

Cross-Site Scripting XSS vulnerability in the subtitle loading function of the asbplayer Chrome Extension version 1.14.0 allows attackers to execute arbitrary JavaScript in the context of the active streaming platform via a crafted .srt subtitle file. Because the script executes within the...

6.1AI score0.00323EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.7 views

PT-2026-21934

Name of the Vulnerable Software and Affected Versions asbplayer version 1.13.0 Description An arbitrary file upload issue exists in the subtitle loading function. Successful exploitation allows attackers to execute arbitrary code by uploading a specially crafted subtitle file. Recommendations At...

9.6CVSS5.8AI score0.00323EPSS
Exploits0References8
CVE
CVE
added 2026/02/25 12:0 a.m.11 views

CVE-2025-69771

CVE-2025-69771 is a Cross-Site Scripting (XSS) vulnerability in the subtitle loading function of the asbplayer Chrome Extension (version 1.14.0). The issue allows an attacker to host a crafted .srt subtitle file that executes arbitrary JavaScript in the active streaming platform’s context, bypass...

9.6CVSS6.1AI score0.00323EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.10 views

asbplayer 安全漏洞

ASBPlayer is a language learning tool developed by Raphael-Joel Lim. Version 1.13.0 of ASBPlayer contains a security vulnerability. This vulnerability stems from the subtitle loading function allowing arbitrary file uploads, which could enable attackers to execute arbitrary code by uploading...

9.6CVSS6.2AI score0.00323EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2026/02/25 12:0 a.m.12 views

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.1 release: Twelve security vulnerabilities were addressed, including: Out-of-bounds reads and writes in the H.266 video parser, WAV parser, MP4 and ASF demuxers, and DVB subtitle decoder. Integer overflows in the RI...

8.8CVSS6.2AI score0.00867EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/01/27 9:23 a.m.11 views

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

7.8CVSS5.4AI score0.00219EPSS
Exploits1References1
NVD
NVD
added 2026/01/26 4:16 a.m.15 views

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

7.8CVSS0.00219EPSS
Exploits1References7
OSV
OSV
added 2026/01/26 4:16 a.m.10 views

UBUNTU-CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

7.8CVSS5.1AI score0.00219EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2026/01/26 4:2 a.m.4 views

CVE-2026-1418 GPAC SRT Subtitle Import text_to_bifs.c gf_text_import_srt_bifs out-of-bounds write

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

5.3CVSS5.3AI score0.00219EPSS
Exploits1References7
EUVD
EUVD
added 2026/01/26 4:2 a.m.7 views

EUVD-2026-4698

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

5.3CVSS5.3AI score0.00219EPSS
Exploits1References6
OSV
OSV
added 2026/01/26 4:2 a.m.7 views

CVE-2026-1418 GPAC SRT Subtitle Import text_to_bifs.c gf_text_import_srt_bifs out-of-bounds write

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

4.8CVSS5.3AI score0.00219EPSS
Exploits1References9
ATTACKERKB
ATTACKERKB
added 2026/01/26 4:2 a.m.3 views

CVE-2026-1418

A security vulnerability has been detected in GPAC up to 2.4.0. This affects the function gftextimportsrtbifs of the file src/scenemanager/texttobifs.c of the component SRT Subtitle Import. Such manipulation leads to out-of-bounds write. The attack needs to be performed locally. The exploit has...

7.8CVSS5.3AI score0.00219EPSS
Exploits1References6
Rows per page
Query Builder