EUVD-2023-60302

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix resource leaks in vdecmsgqueueinit If we encounter any error in the vdecmsgqueueinit then we need to set "msgqueue-wdmaaddr.size = 0;". Normally, this is done inside the vdecmsgqueuedeinit function...

EUVD-2018-21038

Malware in sbrugna...

EUVD-2025-20480

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-3109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the FFmpeg package, where vp3decodeframe in libavcodec/vp3.c lacks check of the return value of avmalloc and will cause a null pointe...

Linux Distros Unpatched Vulnerability : CVE-2021-23973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When trying to load a cross-origin resource in an audio/video context a decoding error may have resulted, and the content of that error may have revealed...

PT-2025-32558 · Git · Libavc

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=434978682 Crash type: Heap-buffer-overflow READ 2 Crash state: isvcd mark err slice skip isvcd video decode Codec::decodeFrame...

CVE-2025-27044

Memory corruption while executing timestamp video decode command with large input values...

CVE-2025-27044

Memory corruption while executing timestamp video decode command with large input values...

CVE-2025-27044 Out-of-bounds Write in Video

Memory corruption while executing timestamp video decode command with large input values...

CVE-2025-27044

CVE-2025-27044 : Memory corruption occurs when executing a timestamp video decode command with large input values in Qualcomm chipsets. Affected component: video decode path in Qualcomm Snapdragon/related chipsets (documented as a buffer/memory corruption vulnerability). Underlying cause: out-of-...

CVE-2019-2252

Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

SUSE CVE-2022-49887

In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdecprobe v4l2deviceunregister need to be called to put the refcount got by v4l2deviceregister when vdecprobe fails or vdecremove is called...

PT-2024-8963 · Mediatek · Mediatek Vdec

Name of the Vulnerable Software and Affected Versions: MediaTek vdec affected versions not specified Description: The issue is related to a missing bounds check in the vdec component of MediaTek microprogram software, which could lead to an out of bounds write. This could result in local escalati...

PT-2025-28444 · Qualcomm · Snapdragon +7

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to memory corruption that occurs when executing a timestamp video decode command with large input values. Recommendations: At the moment, there is no information about a...

OSV-2024-637 Heap-buffer-overflow in ih264d_format_convert

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=69682 Crash type: Heap-buffer-overflow WRITE Crash state: ih264dformatconvert isvcdvideodecode isvcdapifunction...

PT-2023-35649 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap buffer overflow issue was identified, potentially causing a crash. The crash occurs in the ih264d format convert function, which is called by isvc...

PT-2023-35609 · Git +1 · Libavc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow WRITE crash has been reported. The crash involves the following functions: ih264d format convert, isvcd video decode, and isvcd ap...

Fedora: Security Advisory for oneVPL-intel-gpu (FEDORA-2023-ea65146fd4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 33 : chromium (2020-4e8e48da22)

Update to 86.0.4240.183. Fixes the following security issues: CVE-2020-16004 CVE-2020-16005 CVE-2020-16006 CVE-2020-16008 CVE-2020-16009 Also disables the very verbose output going to stdout. ---- Update to Chromium 86. A few big things here : 1. Upstream has made hardware accelerated video suppo...

Google Android elevation of privilege vulnerability (CNVD-2018-26777)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in the V4L2SliceVideoDecodeAccelerator::Dequeue in the v4l2slicevideodecodeaccelerator.cc file in Android versions 8.1 and 9, which...