181 matches found
CVE-2024-27873
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Monterey 12.7.6, macOS Sonoma 14.6, macOS Ventura 13.6.8. Processing a maliciously crafted video file may lead to unexpected app...
CVE-2022-25653
Information disclosure in video due to buffer over-read while processing avi file in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...
Comparing Video Processing Units (VPUs), GPUs, and CPUs
More users than ever subscribe to on-demand media streaming and engage with live streaming video over the internet, rather than broadcast television...
nginx: specially crafted MP4 file may cause denial of service
A flaw was found in the ngxhttpmp4module module of Nginx. Processing a specially crafted MP4 file can trigger a buffer over-read and cause the nginx process to terminate, resulting in a denial of service...
SUSE-SU-2025:1477-1 Security update for libva
This update for libva fixes the following issues: Update to libva version 2.20.0, which includes security fix for: uncontrolled search path may allow an authenticated user to escalate privilege via local access CVE-2023-39929, bsc1224413, jscPED-11066 This includes latest version of one of the...
SUSE-SU-2025:20189-1 Security update for kernel-livepatch-MICRO-6-0_Update_3
This update for kernel-livepatch-MICRO-6-0Update3 fixes the following issues: - CVE-2024-57882: Fixed mptcp: fix TCP options overflow. bsc1235916 - CVE-2024-56648: Fixed net: hsr: avoid potential out-of-bound access in fillframeinfo bsc1235452 - CVE-2024-50302: Fixed HID: core: zero-initialize th...
CVE-2025-22011 ARM: dts: bcm2711: Fix xHCI power-domain
In the Linux kernel, the following vulnerability has been resolved: ARM: dts: bcm2711: Fix xHCI power-domain During s2idle tests on the Raspberry CM4 the VPU firmware always crashes on xHCI power-domain resume: root@raspberrypi:/sys/power echo freeze state 70.724347 xhcisuspend finished 70.727730...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a misconfiguration of the xHCI power domain, which could cause the VPU firmware to crash on recovery...
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library (VPL), is related to an uncontrolled search path element, which allows a hacker to enhance their privileges.
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library VPL, is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...
CVE-2025-27091
OpenH264 decoding vulnerability (CVE-2025-27091) affects OpenH264 2.5.0 and earlier in both SVC and AVC modes. A race condition between SPS memory allocation and subsequent non-IDR NAL memory usage can enable a remote, unauthenticated attacker to trigger a heap overflow by delivering a crafted bi...
CVE-2025-27091 OpenH264 Decoding Functions Heap Overflow Vulnerability
OpenH264 is a free license codec library which supports H.264 encoding and decoding. A vulnerability in the decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability is due to a race condition between a Sequence...
CVE-2025-27091
OpenH264 is a free license codec library which supports H.264 encoding and decoding. A vulnerability in the decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability is due to a race condition between a Sequence...
cisco -- OpenH264 Decoding Functions Heap Overflow Vulnerability
Cisco reports: A vulnerability in the decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability is due to a race condition between a Sequence Parameter Set SPS memory allocation and a subsequent non Instantaneous...
Intel Video Processing Library 代码问题漏洞
Intel Video Processing Library Intel VPL is a video processing library from Intel Corporation USA. A code issue vulnerability exists in Intel Video Processing Library versions prior to 2023.4.0 that stems from an unrestricted path search that results in elevated local privileges...
Intel® VPL Software Advisory
Summary: A potential security vulnerability in some Intel® Video Processing Library VPL software may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2024-21830 Description: Uncontrolled search path in...
CVE-2022-25687
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
CVE-2022-22087
memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...
The vulnerability of the DXA demultiplexer in the FFmpeg multimedia library allows a hacker to cause a service failure.
The vulnerability of the DXA demultiplexer in the FFmpeg multimedia library is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library (VPL), stems from incorrect neutralization of certain elements in the output data. This allows attackers to exploit their privileges.
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library VPL, is related to incorrect elimination of certain elements in the output data. Exploiting this vulnerability can allow an attacker to enhance their privileges...
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library (VPL), is related to pointer dereferencing errors. This vulnerability allows an attacker to trigger a service failure.
The vulnerability of the software tools for accelerated video processing at the hardware level, the Intel Video Processing Library VPL, is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...