WWBN AVideo 代码问题漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 26.0 contained code vulnerabilities. These vulnerabilities stemmed from the downloadVideoFromDownloadURL function using the original file name and extension of the remote...

CVE-2025-40016

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVCINVALIDENTITYID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. Each Unit and Terminal within the video function is assigned a unique...

UBUNTU-CVE-2025-40016

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVCINVALIDENTITYID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. Each Unit and Terminal within the video function is assigned a unique...

EUVD-2025-4715

Malicious code in bioql PyPI...

PT-2025-26101

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been identified in the Linux kernel, specifically in the tw686x video initialization function. The video device alloc function allocates memory for vdev, but when...

PT-2025-7338 · WordPress · The Wordpress Portfolio Builder – Portfolio Gallery

Name of the Vulnerable Software and Affected Versions: The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress versions up to, and including, 1.1.7 Description: The issue is related to unauthorized modification of data due to a missing capability check on the add video function...

WordPress plugin Wonder Video Embed 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

AMD Graphics Driver 安全漏洞

AMD Graphics Driver is an integrated graphics driver from Ultraviolet Semiconductor AMD. A security vulnerability exists in AMD Graphics Driver that stems from insufficient boundary checking, which allows an attacker to cause a denial of service by sending a malformed message using a malicious VF...

GHSA-97X5-CC53-CV4V Cross site scripting in froala-editor

A cross site scripting XSS vulnerability in the Insert Video function of Froala WYSIWYG Editor allows attackers to execute arbitrary web scripts or HTML...

CVE-2020-22864

CVE-2020-22864 concerns Froala WYSIWYG Editor, specifically the Insert Video function in version 3.1.0, where a cross-site scripting (XSS) vulnerability exists. The connected documents attribute the root cause to insufficient sanitization of user input in the Insert Video flow (e.g., html.insert)...

PT-2021-10802 · Froala · Froala Wysiwyg Editor

Name of the Vulnerable Software and Affected Versions: Froala WYSIWYG Editor version 3.1.0 Description: A cross site scripting XSS vulnerability in the Insert Video function of Froala WYSIWYG Editor allows attackers to execute arbitrary web scripts or HTML. Recommendations: For Froala WYSIWYG...

CVE-2017-18281

A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel...

Design/Logic Flaw

A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel...