CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

AlmaLinux•added 2025/02/11 12:0 a.m.•36 views

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 For more details about the security issues, including the impact, a CVSS score, acknowledgment...

7.8CVSS7.6AI score0.03301EPSS

Exploits1References4

OSV•added 2023/11/27 8:29 a.m.•6 views

SUSE-SU-2023:4575-1 Security update for gstreamer-plugins-bad

This update for gstreamer-plugins-bad fixes the following issues: - CVE-2023-40474: Fixed integer overflow causing out of bounds writes when handling invalid uncompressed video bsc1215796. - CVE-2023-40476: Fixed possible overflow using maxsublayersminus1 bsc1215793...

8.8CVSS8.8AI score0.02009EPSS

Exploits0References5

OSV•added 2023/11/06 4:15 a.m.•2 views

CVE-2023-32837

In video, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08250357...

7.8CVSS5.9AI score0.00123EPSS

Exploits0References2

BDU FSTEC•added 2020/04/10 12:0 a.m.•4 views

The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird, related to memory usage after deallocation, allows an attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability in web browsers Firefox, Firefox ESR, and the email client Thunderbird relates to the use of memory after deallocation during the manipulation of video elements. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, an...

9.3CVSS7.6AI score0.01713EPSS

Exploits0References12Affected Software8

OSV•added 2019/09/04 12:0 a.m.•3 views

UBUNTU-CVE-2019-11746

A use-after-free vulnerability can occur while manipulating video elements if the body is freed while still in use. This results in a potentially exploitable crash. This vulnerability affects Firefox 69, Thunderbird 68.1, Thunderbird 60.9, Firefox ESR 60.9, and Firefox ESR 68.1...

8.8CVSS7.3AI score0.01713EPSS

Exploits0References6

CNVD•added 2015/08/19 12:0 a.m.•1 views

Mozilla Firefox MPEG4 Video Processing Buffer Overflow Vulnerability (CNVD-2015-05452)

Mozilla Firefox is an open source WEB browser. An integer overflow vulnerability exists in Mozilla Firefox's handling of MPEG4 video, which allows remote attackers to construct a malicious web page and trick users into parsing it, which could crash the application or execute arbitrary code...

10CVSS9.3AI score0.09027EPSS

Exploits0References1

Tenable Nessus•added 2013/04/10 12:0 a.m.•33 views

Asterisk SIP SDP Buffer Overflow (AST-2013-001)

According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by a buffer overflow vulnerability related to SIP SDP headers and h264 video handling. This error could allow execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network...

7.5CVSS6.2AI score0.02621EPSS

Exploits0References3

CVE•added 2011/10/25 7:0 p.m.•71 views

CVE-2011-3890

CVE-2011-3890: A use-after-free in Google Chrome prior to 15.0.874.102 related to video source handling can allow remote attackers to cause a denial of service or possibly other impact. Affects Chrome versions before the fixed build; exploitation details and in-wild activity are not described in ...

7.5CVSS7AI score0.01113EPSS

Exploits0References4Affected Software1

NVD•added 2011/09/19 12:2 p.m.•10 views

CVE-2011-2851

Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...

5CVSS6.3AI score0.01296EPSS

Exploits0References5

UbuntuCve•added 2011/09/19 12:2 p.m.•17 views

CVE-2011-2851

Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...

5CVSS5.9AI score0.01296EPSS

Exploits0References1

Cvelist•added 2011/09/17 10:0 a.m.•19 views

CVE-2011-2851

Google Chrome before 14.0.835.163 does not properly handle video, which allows remote attackers to cause a denial of service out-of-bounds read via unspecified vectors...

6.1AI score0.01296EPSS

Exploits0References5

Debian CVE•added 2011/09/17 10:0 a.m.•27 views

CVE-2011-2851

Removed by vendor...

5CVSS6.7AI score0.01296EPSS

Exploits0

OpenVAS•added 2011/01/27 12:0 a.m.•40 views

Google Chrome multiple vulnerabilities - Jan11 (Linux)

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnjan11lin.nasl 7052 2017-09-04 11:50:51Z teissa $ Google Chrome Multiple Vulnerabilities - Jan11 Linux Authors: Sooraj KS Copyright: Copyright c 2011 Greenbone Networks...

10CVSS0.8AI score0.03394EPSS

Exploits9References2

NVD•added 2011/01/14 5:0 p.m.•18 views

CVE-2011-0483

Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform a cast of an unspecified variable during handling of video, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

5CVSS7.3AI score0.01696EPSS

Exploits0References8

UbuntuCve•added 2011/01/14 5:0 p.m.•20 views

CVE-2011-0483

5CVSS5.9AI score0.01696EPSS

Exploits0References1