62 matches found
Astra Linux - уязвимость в libvpx
There is a heap overflow vulnerability in libvpx. Encoding a frame with dimensions larger than the originally configured size using VP9 may lead to a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or higher...
UBUNTU-CVE-2026-6783
Incorrect boundary conditions, integer overflow in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150 and Thunderbird 150...
[SECURITY] Fedora 42 Update: gst-editing-services-1.26.11-1.fc42
This is a high-level library for facilitating the creation of audio/video non-linear editors...
UBUNTU-CVE-2026-4714
Incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
ALSA-2026:4629 Important: libvpx security update
The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 For more details about the security issues, including the...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...
libvpx: Heap buffer overflow in libvpx
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Heap buffer overflow in libvpx...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...
libvpx: Heap buffer overflow in libvpx
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Heap buffer overflow in libvpx...
CVE-2026-2447
Heap buffer overflow in libvpx. This vulnerability affects Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...
Medusa 安全漏洞
Medusa is an open-source video library manager for TV shows developed by pyMedusa. Versions of Medusa prior to 2.12.2 contained security vulnerabilities. These vulnerabilities stemmed from a race condition in the registerUsage function of the promotional module, which could allow unauthenticated...
libuvc 代码问题漏洞
Libuvc is an open-source cross-platform library for USB video devices. Versions of Libuvc prior to 0.0.7 have code vulnerabilities. These vulnerabilities stem from a flaw in the uvcscanstreaming function in the src/device.c file within the UVC Descriptor Handler component, which may lead to null...
FreeBSD : Mozilla -- Use-after-free (a74a1ffc-d6a8-11f0-8e1b-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a74a1ffc-d6a8-11f0-8e1b-b42e991fc52e advisory. https://bugzilla.mozilla.org/showbug.cgi?id=1840666 reports: Use-after-free in the Audio/Video: GMP...
EUVD-2017-17237
Malware in sbrugna...
EUVD-2009-4699
Malware in sbrugna...
EUVD-2023-55072
Malicious code in bioql PyPI...
EUVD-2023-55073
Malicious code in bioql PyPI...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from the American company Google. A security vulnerability exists in Google Android, which stems from an incorrect boundary check in the Exynosparsinguserdataregistereditutt35 function of the VendorVideoAPI.cpp file, which may be subjec...
UBUNTU-CVE-2023-51798
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception FPE error at libavfilter/vfminterpolate.c:1078:60 in interpolate...
CVE-2023-50259
CVE-2023-50259 affects Medusa prior to 1.0.19, where the /home/testslack endpoint allows unauthenticated blind SSRF. The issue arises because the testslack handler does not validate the user-controlled slack_webhook URL, passing it to notifiers.slack_notifier.test_notify, then _notify_slack and _...