QNAP Transcode Server Command Execution

This module exploits an unauthenticated remote command injection vulnerability in QNAP NAS devices. The transcoding server listens on port 9251 by default and is vulnerable to command injection using the 'rmfile' command. This module was tested successfully on a QNAP TS-431 with firmware version...

CVE-2017-7248

A Cross-Site Scripting XSS was discovered in Gazelle before 2017-03-19. The vulnerability exists due to insufficient filtration of user-supplied data type passed to the 'Gazelle-master/sections/better/transcode.php' URL. An attacker could execute arbitrary HTML and script code in a browser in the...

CVE-2015-6735

The reset functionality in the TimedMediaHandler extension for MediaWiki does not create a new transcode, which allows remote attackers to cause a denial of service transcode deletion by resetting a transcode...

VLC Media Player < 2.1.5 Multiple Vulnerabilities

Binary data 9265.prm...

VLC Media Player 'audio.c' Heap Buffer Overflow Vulnerability

VLC Media Player is an excellent player. A heap buffer overflow vulnerability exists in the transcode module of VLC media player versions prior to 2.1.5. An attacker can exploit this vulnerability to hijack program execution and execute arbitrary code...

Updated vlc package fixes security vulnerability

Updated vlc packages 2.1.6 are an upgrade with some fixes. Some of the problems fixed upstream were already fixed by a previous Mageia update to VLC see the link to MGASA-2015-0053. VLC versions before 2.1.5 contain a vulnerability in the transcode module that may allow a corrupted stream to...

VLC Media Player < 2.1.5 Multiple Vulnerabilities

The version of VLC media player installed on the remote host is prior to 2.1.5. It is, therefore, affected by the following vulnerabilities : - An error exists in the pngpushreadchunk function within the file 'pngpread.c' from the included libpng library that can allow denial of service attacks...