Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability caused by Codecs integer overflow. This vulnerability could allow remote attackers to exploit the system through specially crafted video files, resulting in...

nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files

A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...

Google Chrome Codecs Component Memory Misreference Vulnerability

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in the Google Chrome Codecs component, which can be exploited by an attacker to gain out-of-bounds memory access via specially crafted video files...

ALSA-2026:6906 Important: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files CVE-2026-32647 NGINX: NGINX: Denial of Service or file...

EUVD-2017-8120

Malware in sbrugna...

EUVD-2023-47690

Malicious code in bioql PyPI...

EUVD-2022-46284

Malicious code in bioql PyPI...

CVE-2023-43271

Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete the video files of the driving recorder through ftp and other protocols...

CVE-2025-32943

Summary (peer-reviewed sources confirm): CVE-2025-32943 affects PeerTube’s HLS endpoint, where a path traversal flaw allows any authenticated user to leak contents of arbitrary ".m3u8" files from the server. The vulnerability is rooted in improper input handling on the HLS path, enabling access t...

GHSA-5PMW-9J92-3C4C OpenH264 Rust API Openh264 Decoding Functions Heap Overflow Vulnerability

OpenH264 recently reported a heap overflow that was fixed in upstream 63db555 and integrated into our 0.6.6 release. For users relying on Cisco's pre-compiled DLL, we also published 0.8.0, which is compatible with their latest fixed DLL version 2.6.0. In other words: - if you rely on our source...

CVE-2024-49404

Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users...

CVE-2024-49404

Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users...

CVE-2024-49404

The CVE-2024-49404 entry concerns Samsung Video Player with an improper access control flaw that could allow a physical attacker to access other users’ video files. Affected versions are: Android 12 where versions prior to 7.3.29.1 are vulnerable; Android 13 prior to 7.3.36.1; and Android 14 prio...

CVE-2024-34672

Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users...

CVE-2024-34672

Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users...

CVE-2024-34672

Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users...

CVE-2024-34672

SamsungVideoPlayer is affected by improper input validation prior to versions 7.3.29.1 (Android 12), 7.3.36.1 (Android 13), and 7.3.41.230 (Android 14). This flaw allows local attackers to access video files of other users. The Red Hat and other sources reflect the same description. Practical imp...

CVE-2024-34672

Improper input validation in SamsungVideoPlayer prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows local attackers to access video file of other users...

SAMSUNG Video Player 安全漏洞

SAMSUNG Video Player is a built-in system video player application optimized for the Samsung Galaxy series from Samsung South Korea. A security vulnerability exists in SAMSUNG Video Player that originates from improper validation of user input. An attacker could exploit the vulnerability to acces...

Rocky Linux 9 : gstreamer1-plugins-bad-free (RLSA-2024:2287)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2287 advisory. - GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code ...