Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2026/04/06 8:33 p.m.6 views

CVE-2026-34755

A flaw was found in vLLM, an inference and serving engine for large language models. A remote attacker can exploit a vulnerability in the VideoMediaIO.loadbase64 method by sending a single API request containing a large number of comma-separated base64-encoded JPEG frames. This bypasses the...

6.5CVSS7.1AI score0.0035EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.7 views

vLLM 安全漏洞

vLLM is an open-source solution designed for LLM-based models, featuring high throughput and memory-efficient reasoning and service engines. Versions of vLLM prior to 0.7.0 to 0.19.0 contained security vulnerabilities. These vulnerabilities stemmed from the VideoMediaIO.loadbase64 method not...

6.5CVSS5.8AI score0.0035EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/24 3:30 p.m.5 views

EUVD-2025-198650

Inadequate access control vulnerability in Davantis DFUSION v6.177.7, which allows unauthorised actors to extract images and videos related to alarm events through access to “/alarms//”, where the “MEDIA” parameter can take the value of “snapshot” or “video.mp4”. These media files contain images...

8.7CVSS6.4AI score0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-2414

Malware in sbrugna...

9.4CVSS9AI score0.00876EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2025/08/07 7:0 a.m.3 views

media: vidtv: Terminating the subsequent process of initialization failure

...

7.8CVSS7AI score0.00149EPSS
Exploits0
OSV
OSV
added 2025/07/23 5:10 p.m.6 views

DRUPAL-CONTRIB-2025-092

This module allows you to manage video media items using the COOKiES module disabling external video elements. These elements will be enabled again, once the COOKiES banner is accepted. The module doesn't sufficiently check whether to convert "data-src" attributes to "src" when their value might...

7.6CVSS6.7AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.11 views

CVE-2019-10610

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

9.4CVSS7.2AI score0.00876EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2022/06/17 11:44 a.m.10 views

tvavicenza.gruppovideomedia.it Cross Site Scripting vulnerability OBB-2654778

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
NVD
NVD
added 2020/04/16 11:15 a.m.30 views

CVE-2019-10610

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

9.4CVSS9.2AI score0.00876EPSS
Exploits0References1
Prion
Prion
added 2020/04/16 11:15 a.m.23 views

Buffer overflow

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

9.4CVSS9AI score0.00876EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/16 10:46 a.m.39 views

CVE-2019-10610

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

9.2AI score0.00876EPSS
Exploits0References1
CVE
CVE
added 2020/04/16 10:46 a.m.60 views

CVE-2019-10610

CVE-2019-10610 affects Qualcomm/Snapdragon video components where a buffer over-read can occur while parsing an SDP video media line with a frame-size attribute. Affected products include a wide range of Snapdragon Auto/Compute/IoT platforms (APQ/MDM/SC/SDM lines). The root cause is an over-read ...

9.4CVSS9AI score0.00876EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2015/12/11 12:0 a.m.45 views

WordPress S3 Video Remote Shell Upload

Exploit Title : Wordpress S3 Video Plugin file upload Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://plugins.svn.wordpress.org/s3-video/tags/0.91/ Affected Version: below version 0.91 Date : 9/12/2015 Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Jagriti,Kishan Sin...

0.4AI score
Exploits0
OSV
OSV
added 2012/10/30 7:55 p.m.4 views

DEBIAN-CVE-2012-0023

Double free vulnerability in the getchunkheader function in modules/demux/ty.c in VideoLAN VLC media player 0.9.0 through 1.1.12 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted TiVo TY file...

9.3CVSS7.8AI score0.04916EPSS
Exploits0References1
OSV
OSV
added 2012/01/25 3:55 p.m.3 views

DEBIAN-CVE-2012-0885

chansip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the ressrtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted SDP message with a crypto attribu...

4.3CVSS6.3AI score0.02497EPSS
Exploits1References1
Prion
Prion
added 2012/01/25 3:55 p.m.14 views

Null pointer dereference

chansip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the ressrtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted SDP message with a crypto attribu...

4.3CVSS7AI score0.02497EPSS
Exploits1References8Affected Software1
Debian CVE
Debian CVE
added 2012/01/25 3:0 p.m.23 views

CVE-2012-0885

chansip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the ressrtp module is used and media support is improperly configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted SDP message with a crypto attribu...

4.3CVSS6.4AI score0.02497EPSS
Exploits1
seebug.org
seebug.org
added 2007/03/09 12:0 a.m.45 views

Apple QuickTime多个远程缓冲区溢出漏洞

Apple QuickTime是一款流行的多媒体播放器,支持多种媒体格式。 QuickTime在处理各种媒体格式时存在多个缓冲区溢出漏洞,远程攻击者可能利用这些漏洞通过诱使用户打开处理畸形媒体文件控制用户机器。 具体条目如下: QuickTime处理3GP视频文件时存在整数溢出。如果用户受骗打开了恶意的电影的话,就会触发这个溢出,导致拒绝服务或执行任意代码。(CVE-2007-0711) QuickTime处理MIDI文件时存在堆溢出。如果用户受骗打开了恶意的MIDI文件的话,就会触发这个溢出,导致拒绝服务或执行任意代码。(CVE-2007-0712)...

9.3CVSS6.4AI score0.08167EPSS
Exploits1
Rows per page
Query Builder