Lucene search
K

1471 matches found

RedHat Linux
RedHat Linux
added 2026/04/13 11:16 a.m.11 views

GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the rtpqdm2depay component allows a remote attacker to execute arbitrary code. The flaw occurs due to insufficient validation of user-supplied data length during the processing of X-QDM Real-time Transport Protocol RT...

8.8CVSS8.1AI score0.00828EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/04/13 11:16 a.m.11 views

GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay

A flaw was found in GStreamer. This out-of-bounds write vulnerability exists within the rtpqdm2depay element, specifically during the processing of X-QDM Real-time Transport Protocol RTP payload elements. A remote attacker can exploit this by providing malformed user-supplied data to the packetid...

8.8CVSS7.7AI score0.00806EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/07 12:30 a.m.5 views

EUVD-2026-19551

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The exploit is now...

7.5CVSS6.9AI score0.01459EPSS
Exploits0References6
CVE
CVE
added 2026/04/06 7:54 p.m.9 views

CVE-2026-35203

ZLMediaKit's VP9 RTP payload parser (ext-codec/VP9Rtp.cpp) reads multiple fields from the RTP payload based on flag bits in the first byte without verifying enough data, allowing a crafted 1-byte VP9 payload (0xFF, all flags set) to read past the buffer end and trigger a heap-buffer-overflow. The...

7.5CVSS5.9AI score0.00345EPSS
Exploits1References2Affected Software1
RedHat Linux
RedHat Linux
added 2026/04/06 2:26 a.m.4 views

kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild

A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...

4.7CVSS5.9AI score0.00106EPSS
Exploits0References5
NVD
NVD
added 2026/04/03 4:16 p.m.4 views

CVE-2026-31396

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via gettsinfo ethtool call which is possible while the interfa...

7.8CVSS0.00117EPSS
Exploits0References10
OSV
OSV
added 2026/04/03 4:16 p.m.9 views

UBUNTU-CVE-2026-31396

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via gettsinfo ethtool call which is possible while the interfa...

7.8CVSS5.7AI score0.00117EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/04/03 12:0 a.m.14 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the PTP clock being accessible after the interface is closed, potentially leading to reuse after releas...

7.8CVSS5.8AI score0.00117EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/31 7:50 p.m.2 views

GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay

A flaw was found in GStreamer. This out-of-bounds write vulnerability exists within the rtpqdm2depay element, specifically during the processing of X-QDM Real-time Transport Protocol RTP payload elements. A remote attacker can exploit this by providing malformed user-supplied data to the packetid...

8.8CVSS7.8AI score0.00806EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/31 3:36 p.m.23 views

CVE-2026-34235 PJSIP: Heap OOB read in VPX unpacketizer

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

6.9CVSS0.00405EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/31 3:36 p.m.5 views

EUVD-2026-17494

PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap out-of-bounds read vulnerability exists in PJSIP's VP9 RTP unpacketizer that occurs when parsing crafted VP9 Scalability Structure SS data. Insufficient bounds checking on the payload...

6.9CVSS5.8AI score0.00405EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/31 1:11 p.m.4 views

GStreamer: GStreamer: Remote Code Execution via Heap-based Buffer Overflow in rtpqdm2depay

A flaw was found in GStreamer. This heap-based buffer overflow vulnerability in the rtpqdm2depay component allows a remote attacker to execute arbitrary code. The flaw occurs due to insufficient validation of user-supplied data length during the processing of X-QDM Real-time Transport Protocol RT...

8.8CVSS8.1AI score0.00828EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/31 1:11 p.m.5 views

GStreamer: GStreamer: Remote Code Execution via Out-Of-Bounds Write in rtpqdm2depay

A flaw was found in GStreamer. This out-of-bounds write vulnerability exists within the rtpqdm2depay element, specifically during the processing of X-QDM Real-time Transport Protocol RTP payload elements. A remote attacker can exploit this by providing malformed user-supplied data to the packetid...

8.8CVSS7.7AI score0.00806EPSS
Exploits0References6
Fedora
Fedora
added 2026/03/31 1:9 a.m.6 views

[SECURITY] Fedora 42 Update: ntpd-rs-1.7.1-1.fc42

Full-featured implementation of NTP with NTS support...

7.5CVSS5.8AI score0.00349EPSS
Exploits0
Fedora
Fedora
added 2026/03/31 12:54 a.m.5 views

[SECURITY] Fedora 43 Update: ntpd-rs-1.7.1-1.fc43

Full-featured implementation of NTP with NTS support...

7.5CVSS5.8AI score0.00349EPSS
Exploits0
Fedora
Fedora
added 2026/03/31 12:27 a.m.5 views

[SECURITY] Fedora 44 Update: ntpd-rs-1.7.1-1.fc44

Full-featured implementation of NTP with NTS support...

7.5CVSS5.8AI score0.00349EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.9 views

PJSIP 缓冲区错误漏洞

PJSIP is an open-source, free and open-source multimedia communication library developed in C language. It implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Prior to PJSIP 2.17, there was a buffer error vulnerability. This vulnerability stemmed from the VP9 RTP...

9.1CVSS6AI score0.00405EPSS
Exploits0References2
OSV
OSV
added 2026/03/30 12:8 p.m.6 views

USN-8131-1 gst-plugins-good1.0 vulnerabilities

It was discovered that GStreamer Good Plugins incorrectly handled certain X-QDM RTP payloads. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS6AI score0.00828EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/24 6:31 a.m.8 views

EUVD-2026-14736

A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handlerupdatesystemtime of the file libdeuteronmodules.so of the component NTP Service. The manipulation results in os command injection. The attack may be launched remotely. This vulnerability only...

8.6CVSS6.7AI score0.02024EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/24 3:32 a.m.3 views

CVE-2026-4627 D-Link DIR-825/DIR-825R NTP Service libdeuteron_modules.so handler_update_system_time os command injection

A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handlerupdatesystemtime of the file libdeuteronmodules.so of the component NTP Service. The manipulation results in os command injection. The attack may be launched remotely. This vulnerability only...

8.6CVSS6.7AI score0.02024EPSS
Exploits0References4
Rows per page
Query Builder