14 matches found
Astra Linux - уязвимость в ffmpeg5
A vulnerability was discovered in FFmpeg up to version 7.0.1. It has been classified as critical. This issue affects the pnmDecodeFrame function in the /libavcodec/pnmdec.c library. The vulnerability causes a heap-based buffer overflow. The attack can be initiated remotely. The exploit has been...
RHSA-2026:4447 Red Hat Security Advisory: libvpx security update
Bulletin has no description...
libvpx: Heap buffer overflow in libvpx
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Heap buffer overflow in libvpx...
CVE-2026-2447 Heap buffer overflow in libvpx
Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...
JLSEC-2025-133 A vulnerability was found in FFmpeg up to 7.0.1
A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnmdecodeframe in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...
Intel® VPL Software Advisory
Summary: A potential security vulnerability in some Intel® Video Processing Library VPL software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-21830 Description: Uncontrolled search path in...
Intel VPL 缓冲区错误漏洞
Intel VPL is a video processing library from Intel Corporation USA . A buffer error vulnerability exists in Intel VPL versions prior to 24.1.4, which originates from a memory out-of-bounds read. An attacker can exploit the vulnerability to obtain sensitive information...
Intel VPL 安全漏洞
Intel VPL is a video processing library from Intel Corporation USA . A security vulnerability exists in Intel VPL versions prior to 24.1.4, which is caused by a null pointer dereference. An attacker exploiting this vulnerability could cause a denial of service on the system...
[SECURITY] Fedora 39 Update: oneVPL-2023.3.1-1.fc39
The oneAPI Video Processing Library oneVPL provides a single video processi ng API for encode, decode, and video processing that works across a wide range of accelerators. The base package is limited to the dispatcher and samples. To use oneVPL for video processing you need to install at least on...
Fedora: Security Advisory for oneVPL (FEDORA-2023-b6aab4f954)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 38 Update: oneVPL-2023.3.1-1.fc38
The oneAPI Video Processing Library oneVPL provides a single video processi ng API for encode, decode, and video processing that works across a wide range of accelerators. The base package is limited to the dispatcher and samples. To use oneVPL for video processing you need to install at least on...
libvpx: crash related to VP9 encoding in libvpx
A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a w...
libvpx: crash related to VP9 encoding in libvpx
A heap-based buffer overflow flaw was found in libvpx, a library used to process VP9 video codecs data. This issue occurs when processing certain specially formatted video data via a crafted HTML page, allowing an attacker to crash or remotely execute arbitrary code in an application, such as a w...
USN-4199-1 libvpx vulnerabilities
It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...