CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

64 matches found

RedHat Linux•added 2026/05/11 8:53 a.m.•5 views

nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files

A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...

8.5CVSS7.7AI score0.00026EPSS

Exploits0References5

OSV•added 2026/04/20 11:11 a.m.•4 views

CLSA-2026-1776683513 nginx: Fix of CVE-2026-27784

CVE-2026-27784: fix integer overflow in mp4 module atom entry validation on 32-bit platforms...

8.5CVSS5.9AI score0.00017EPSS

Exploits0References1

RedHat Linux•added 2026/04/01 9:40 a.m.•6 views

firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: GMP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: GMP component...

7.5CVSS7.1AI score0.00027EPSS

Exploits0References6

OSV•added 2026/03/27 7:10 a.m.•0 views

BIT-NGINX-GATEWAY-2026-32647 NGINX ngx_http_mp4_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS6.1AI score0.00026EPSS

Exploits0References2

AlpineLinux•added 2026/03/24 2:13 p.m.•0 views

CVE-2026-32647

8.5CVSS6.1AI score0.00026EPSS

Exploits0

AlpineLinux•added 2026/02/24 1:33 p.m.•3 views

CVE-2026-2788

Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00024EPSS

Exploits0References6

Vulnrichment•added 2026/02/01 12:15 p.m.•2 views

CVE-2021-47915 PHP Melody 3.0 SQL Injection Vulnerability via Edit Video Parameter

PHP Melody version 3.0 contains a remote SQL injection vulnerability in the video edit module that allows authenticated attackers to inject malicious SQL commands. Attackers can exploit the unvalidated 'vid' parameter to execute arbitrary database queries and potentially compromise the web...

8.6CVSS6.1AI score0.00024EPSS

Exploits1References4

CNNVD•added 2026/02/01 12:0 a.m.•3 views

PHPSUGAR PHP Melody SQL注入漏洞

PHPSUGAR PHP Melody is a content management system developed by PHPSUGAR. Version 3.0 of PHPSUGAR PHP Melody contains an SQL injection vulnerability. This vulnerability stems from the vid parameter in the video editing module, which has a remote SQL injection vulnerability. This could allow...

8.8CVSS5.9AI score0.00024EPSS

Exploits1References4

EUVD•added 2025/12/09 6:30 p.m.•3 views

EUVD-2025-202160

Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox 146...

5.9AI score0.00061EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-27253

Malware in sbrugna...

7.5CVSS7.6AI score0.00131EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-2149

Malware in sbrugna...

6.8CVSS6.4AI score0.00254EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2012-2148

Malware in sbrugna...

4.3CVSS6.4AI score0.00475EPSS

Exploits0References7

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-23924

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.001EPSS

Exploits0References2

Positive Technologies•added 2025/06/10 12:0 a.m.•0 views

PT-2025-35953

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the uvc parse format function within the uvcvideo module. A buffer length check only ensured a minimum buffer size of 3 bytes, while the function...

7.1CVSS7.2AI score0.00024EPSS

Exploits0

RedhatCVE•added 2025/05/23 2:54 a.m.•1 views

CVE-2023-1696

The multimedia video module has a vulnerability in data processing.Successful exploitation of this vulnerability may affect availability...

7.5CVSS6.9AI score0.001EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:47 p.m.•3 views

CVE-2021-40063

There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality...

7.5CVSS6.9AI score0.00131EPSS

Exploits0

RedhatCVE•added 2025/05/22 5:15 a.m.•3 views

CVE-2013-0224

The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the FFmpeg transcoder, allows local users to execute arbitrary PHP code by modifying a temporary PHP file...

4.4CVSS7.6AI score0.00058EPSS

Exploits0References1

RedHat Linux•added 2025/05/14 4:21 p.m.•4 views

nginx: specially crafted MP4 file may cause denial of service

A flaw was found in the ngxhttpmp4module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service...

5.7CVSS7.5AI score0.00202EPSS

Exploits0References5

CNNVD•added 2023/12/28 12:0 a.m.•1 views

SeaCMS 安全漏洞

SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A cross-site scripting vulnerability exists in SeaCMS v12.8, which stems from the lack of effective filtering and escaping of user-supplied da...

5.4CVSS6AI score0.00207EPSS

Exploits1References4

ATTACKERKB•added 2023/12/14 9:15 a.m.•1 views

CVE-2023-48925

SQL injection vulnerability in Buy Addons bavideotab before version 1.0.6, allows attackers to escalate privileges and obtain sensitive information via the component BaVideoTabSaveVideoModuleFrontController::run...

9.8CVSS7.4AI score0.0016EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by