[SECURITY] [DSA 6082-1] vlc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6082-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 14, 2025 https://www.debian.org/security/faq -...

PT-2025-41550

Name of the Vulnerable Software and Affected Versions V-SFT versions prior to 6.2.7.0 Description An out-of-bounds write vulnerability exists in the VS6ComFile!CItemDraw::is motion tween function. Opening specially crafted V-SFT files may lead to information disclosure, system crashes, and...

EUVD-2021-10789

Malware in sbrugna...

EUVD-2005-3489

Malware in sbrugna...

EUVD-2024-40188

Malicious code in bioql PyPI...

EUVD-2022-36277

Malicious code in bioql PyPI...

EUVD-2022-27239

Malicious code in bioql PyPI...

CVE-2021-47652

The CVE-2021-47652 issue affects the Linux kernel driver path video: fbdev: smscufx (ufx_usb_probe). The root cause was a null pointer dereference when fb_alloc_cmap() fails in the probe path because modelist was not initialized yet; the error handling path called fb_destroy_modelist() leading to...

CVE-2025-23523 WordPress HSS Embed Streaming Video plugin <= 3.23 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hoststreamsell HSS Embed Streaming Video allows Reflected XSS. This issue affects HSS Embed Streaming Video: from n/a through 3.23...

CVE-2022-22085

Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

Command Execution Vulnerability in HZ Video Security Exchange Access System of Hangzhou HZ Data Technology Co.

Ltd. "HZD", founded in 2003, is a high-tech company specializing in R&D, production and sales in the field of data security and big data. A command execution vulnerability exists in the Hopscotch Video Security Exchange Access System of Hangzhou Hopscotch Data Technology Co., Ltd, which can be...

GSD-2023-1001277 staging: media: tegra-video: fix device_node use after free

staging: media: tegra-video: fix devicenode use after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...

CVE-2022-25679

Denial of service in video due to improper access control in broadcast receivers in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

Bosch Video Security Code Injection Vulnerability

Bosch Video Security is a video security system from Bosch, Germany. Used to connect to Bosch Ip cameras and encoders from around the world, experience instant video playback, full access to your recordings, forensic search of cameras with Bosch video analytics support, and smooth control of Ptz...

CVE-2021-23863

HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacke...

CVE-2021-23863

HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacke...

Code injection

HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacke...

CVE-2021-23863

The CVE affects Bosch Video Security software (version 3.2.3 and earlier). A code injection vulnerability enables an attacker to inject arbitrary HTML into a WebView-loaded component, potentially causing the application to display attacker-controlled web resources. The root cause is HTML/code inj...

CVE-2021-23863

HTML code injection vulnerability in Android Application, Bosch Video Security, version 3.2.3. or earlier, when successfully exploited allows an attacker to inject random HTML code into a component loaded by WebView, thus allowing the Application to display web resources controlled by the attacke...

Bosch Video Security 跨站脚本漏洞

Bosch Video Security is a video security system from Bosch, Germany. Used to connect to Bosch Ip cameras and encoders from around the world, experience instant video playback, full access to your recordings, forensic search of cameras with Bosch video analytics support, and smooth control of Ptz...