14 matches found
CVE-2026-31405 media: dvb-net: fix OOB access in ULE extension header tables
In the Linux kernel, the following vulnerability has been resolved: media: dvb-net: fix OOB access in ULE extension header tables The ulemandatoryexthandlers and uleoptionalexthandlers tables in handleoneuleextension are declared with 255 elements valid indices 0-254, but the index htype is deriv...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the handling of coordinates due to insufficient validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can achieve arbitrary code execution by enticing a use...
EUVD-2022-55741
In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: fix leak of memory fw...
kernel: media: edia: dvbdev: fix a use-after-free
In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvbregisterdevice, pdvbdev is set equal to dvbdev, which is freed in several error-handling paths. However, pdvbdev is not set to NULL after dvbdev's deallocation, causing...
AZL-51023 CVE-2024-47698 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error Ensure index in rtl2832pidfilter does not exceed 31 to prevent out-of-bounds access. dev-filters is a 32-bit value, so setbit and clearbit functions should...
media: dvb-frontends: avoid stack overflow warnings with clang
...
Supra Smart Cloud TV Remote File Inclusion
Supra Smart Cloud TV allows remote file inclusion in the openLiveURL function, which allows a local attacker to broadcast fake video without any authentication via a /remote/mediacontrol?action=setUri&uri= URI. Recent assessments: pbarry-r7 at November 20, 2019 11:40pm UTC reported: Have to be on...
Supra Smart Cloud TV Remote File Inclusion
An authentication bypass vulnerability exists in Supra Smart Cloud TV. Successful exploitation of this vulnerability would allow a local attacker to broadcast any video without any authentication or to broadcast a fake emergency message...
Supra Smart Cloud TV - openLiveURL() Remote File Inclusion Vulnerability
Exploit for hardware platform in category web applications Supra Smart Cloud TV - 'openLiveURL' Remote File Inclusion Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References:...
Supra Smart Cloud TV - 'openLiveURL()' Remote File Inclusion
Exploit Title: Remote file inclusion Date: 03-06-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References: https://nvd.nist.gov/vuln/detail/CVE-2019-12477...
Supra Smart Cloud TV - openLiveURL() Remote File Inclusion
Supra Smart Cloud TV - openLiveURL Remote File Inclusion Exploit Title: Remote file inclusion Date: 03-06-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: https://supra.ru Software Link: https://supra.ru/catalog/televizory/televizorsuprastvlc40lt0020f/ CVE: CVE-2019-12477 References:...
SUPRA Smart TV Flaw Lets Attackers Hijack Screens With Any Video
I have said it before, and I will say it again — Smart devices are one of the dumbest technologies, so far, when it comes to protecting users' privacy and security. As more and more smart devices are being sold worldwide, consumers should be aware of security and privacy risks associated with the...
SUPRA Smart TV Flaw Lets Attackers Hijack Screens With Any Video
I have said it before, and I will say it again — Smart devices are one of the dumbest technologies, so far, when it comes to protecting users' privacy and security. As more and more smart devices are being sold worldwide, consumers should be aware of security and privacy risks associated with the...
kernel: av7110 negative array offset
The dvbcaioctl function in drivers/media/dvb/ttpci/av7110ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service memory corruption or possibly have unspecified other impact via a negative value...