Lucene search
K

95 matches found

Mozilla
Mozilla
added 2022/09/20 12:0 a.m.311 views

Security Vulnerabilities fixed in Firefox 105 — Mozilla

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. During iframe navigation, certain pages did not have their FeaturePolicy fully initialized leading to a bypass that leaked device permissions into untrusted subdocuments. Concurrent use of t...

6.5CVSS1.8AI score0.01284EPSS
Exploits0References9Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/20 12:0 a.m.6 views

PT-2022-6609 · Mozilla +7 · Firefox Esr +9

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 105 Firefox ESR versions prior to 102.3 Thunderbird versions prior to 102.3 Description: The issue is related to an out-of-bounds read that occurs when decoding H.264 video, potentially leading to a crash. This can b...

10CVSS8AI score0.99694EPSS
Exploits55References931
OSV
OSV
added 2022/08/05 11:4 a.m.5 views

OESA-2022-1808 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: trackheader in...

6.5CVSS7.2AI score0.01527EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/04/11 12:0 a.m.9 views

The vulnerability of the de265_image::available_zscan function in the h.265 Libde265 implementation allows a attacker to cause a service failure.

The vulnerability of the de265image::availablezscan function in the h.265 Libde265 implementation is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows a remote attacker to cause a service failure using a specially created file...

7.1CVSS7.1AI score0.01337EPSS
Exploits1References8Affected Software4
CNNVD
CNNVD
added 2021/08/23 12:0 a.m.5 views

Libav 缓冲区错误漏洞

Libav is an open source audio and video processing tool that provides cross-platform tools and libraries for converting, manipulating, and streaming various multimedia formats and protocols. vc1decodepmbintfi in vc1block.c in Libav version 12.3 is vulnerable to a heap buffer overflow. An attacker...

6.5CVSS6.1AI score0.00886EPSS
Exploits1References3
OSV
OSV
added 2021/08/18 1:15 p.m.2 views

DEBIAN-CVE-2021-21844

Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when encountering an atom using the “stco” FOURCC code, can cause an integer overflow due to unchecked...

8.8CVSS8.4AI score0.01963EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/08/16 12:0 a.m.4 views

GPAC 输入验证错误漏洞

GPAC Project on Advanced Content is an open source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3D rendering.The MPEG-4 decoding feature of GPAC Project on Advanced Content library 1.0.1 suffers from an integer...

8.8CVSS5.8AI score0.01601EPSS
Exploits1References7
CNNVD
CNNVD
added 2021/08/16 12:0 a.m.6 views

GPAC 输入验证错误漏洞

GPAC Project on Advanced Content is an open source cross-platform library that implements the MPEG-4 system standard and provides tools for media playback, vector graphics, and 3D rendering. an integer overflow vulnerability exists in the MPEG-4 decoding functionality in GPAC Project on Advanced...

8.8CVSS6AI score0.01993EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2021/05/26 12:0 a.m.5 views

PT-2021-6775 · Unknown · Gpac Project On Advanced Content Library

Name of the Vulnerable Software and Affected Versions: GPAC Project on Advanced Content library version 1.0.1 Description: An exploitable integer truncation issue exists within the MPEG-4 decoding functionality. A specially crafted MPEG-4 input can cause improper memory allocation, resulting in a...

9.3CVSS9.1AI score0.02019EPSS
Exploits24References72
ATTACKERKB
ATTACKERKB
added 2020/12/15 4:15 p.m.4 views

CVE-2020-0488

In ihevcinterpredchromacopyssse3 of ihevcinterpredfiltersssse3intr.c, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

6.5CVSS5.7AI score0.00702EPSS
Exploits0References2
Citrix
Citrix
added 2020/11/09 12:0 a.m.7 views

RealTime Optimization Pack Capability Checker

RealTime Optimization Pack Capability Checker v2.4.0 Created Date: Mar 22, 2017 Updated Date: Apr 30, 2018 Where to download ? Certain legacy Citrix tools are now available on request only. Please submit the request here - https://forms.gle/obA39PEz5qpDiSPq8 Once we verify your request, we will...

7.2AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2020/04/23 12:0 a.m.101 views

Security update for vlc (moderate)

openSUSE Security Update: Security update for vlc Announcement ID: openSUSE-SU-2020:0545-1 Rating: moderate References: 1142161 1146428 Cross-References: CVE-2019-13602 CVE-2019-13962 CVE-2019-14437 CVE-2019-14438 CVE-2019-14498 CVE-2019-14533 CVE-2019-14534 CVE-2019-14535 CVE-2019-14776...

9.8CVSS8.3AI score0.036EPSS
Exploits1References2
Microsoft KB
Microsoft KB
added 2020/04/10 12:0 a.m.7 views

Streaming issues that are related to Microsoft Media Foundation in Windows 7

Streaming issues that are related to Microsoft Media Foundation in Windows 7 Symptoms A hotfix is available for Microsoft Media Foundation in Windows 7. This hotfix resolves the following streaming issues that relate to Media Foundation: Issue 1 You cannot stream some audio files to multiple...

5.9AI score
Exploits0
OSV
OSV
added 2019/04/19 12:29 a.m.4 views

DEBIAN-CVE-2019-11338

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service NULL pointer dereference and out-of-array access or possibly have unspecified other impact via crafted HEVC data...

8.8CVSS7.5AI score0.02354EPSS
Exploits0References1
CNVD
CNVD
added 2018/11/12 12:0 a.m.3 views

Libav Invalid Memory Access Vulnerability

Libav is an open source audio and video processing tools , providing for conversion , manipulation and streaming of various multimedia formats and protocols cross-platform tools and libraries . An invalid memory access vulnerability exists in vc1decodefram in libavcodec/vc1dec.c in Libav 12.3,...

6.5CVSS6.3AI score0.01129EPSS
Exploits1References1
OSV
OSV
added 2018/02/28 7:29 a.m.4 views

DEBIAN-CVE-2018-7557

The decodeinit function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service Out of array read via an AVI file with crafted dimensions within chroma subsampling data...

6.5CVSS6.8AI score0.01892EPSS
Exploits0References1
CNVD
CNVD
added 2018/01/16 12:0 a.m.3 views

Google Android Media framework (libavc) information disclosure vulnerability (CNVD-2018-01109)

Android on Google Pixel and Nexus is a Linux-based open source operating system for Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA, with the Media framework libavc as a framework for multimedia development. is a framework used for multimedia...

9.1CVSS6.2AI score0.0067EPSS
Exploits0References1
Citrix
Citrix
added 2017/12/07 12:0 a.m.11 views

How to configure H.265 video VDA encoding for NVIDIA GPUs

Support for H.265 Encoding/Decoding H.265 video encoding on 7.16 VDAs with H.265-compatible NVIDIA GPUs and H.265 video decoding on Citrix Receiver for Windows 4.10 is supported for hardware acceleration of remote graphics and videos...

7.3AI score
Exploits0
OSV
OSV
added 2017/09/08 8:29 p.m.3 views

CVE-2017-0757

A remote code execution vulnerability in the Android media framework libavc. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-36006815...

7.8CVSS6.3AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2017/06/30 12:0 a.m.11 views

The vulnerability of the FFmpeg multimedia library, which allows a hacker to perform recording beyond the memory limit

The vulnerability of the FFmpeg multimedia library arises from an overflow in the buffer in the dynamic memory. Exploiting this vulnerability allows a malicious actor to perform write operations beyond the memory boundaries, related to the function ipvideodecodeblockopcode0xA in...

7.5CVSS7.9AI score0.02564EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder