📄 Frigate NVR 0.16.3 Remote Code Execution

Frigate NVR version 0.16.3 proof of concept remote code execution exploit written in Python. Exploit Title: Frigate NVR 0.16.3 - Remote Code Execution Date: 2026-02-05 Exploit Author: jduardo2704 Vendor Homepage: https://frigate.video/ Software Link: https://github.com/blakeblackshear/frigate...

PT-2026-22880

Name of the Vulnerable Software and Affected Versions AVideo versions prior to 23 Description The software contains an unauthenticated SQL injection flaw within the objects/videos.json.php and objects/video.php components. The application does not properly sanitize the catName parameter when...

CVE-2025-34439

Summary: CVE-2025-34439 affects AVideo versions prior to 20.1, with an open redirect flaw during user login due to missing validation of the cancelUri parameter. What’s affected: AVideo before version 20.1. Root cause: Lack of input validation on cancelUri during login, enabling an attacker to cr...

JLSEC-2025-112 FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may ...

FFmpeg =4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution...

OESA-2024-1834 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: Integer overflow...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A command execution vulnerability exists in versions of Ffmpeg prior to n6.1, which can be exploited by an attacker to execute arbitrary commands on a system...

PT-2024-13523 · Wwbn · Avideo

Name of the Vulnerable Software and Affected Versions: WWBN AVideo version 11.6 WWBN AVideo dev master commit 15fed957fb Description: A cross-site scripting xss issue exists in the channelBody.php user name functionality. This allows arbitrary Javascript execution through a specially crafted HTTP...

PT-2023-24062 · Video · Video

Name of the Vulnerable Software and Affected Versions: In video affected versions not specified Description: The issue is related to a possible memory corruption due to a race condition in video. This could lead to local escalation of privilege with no additional execution privileges needed. User...

SUSE CVE-2020-22038

A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ffv4l2m2mcreatecontext function in v4l2m2m.c...

CVE-2021-25874

AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior is affected by a SQL Injection SQL injection in the catName parameter which allows a remote unauthenticated attacker to retrieve databases information such as application passwords hashes...

Adobe After Effects Memory Buffer Out-of-Bounds Access Vulnerability (CNVD-2021-89936)

Adobe After Effects "AE" is a graphics video processing software from Adobe for organizations involved in design and video special effects, including television stations, animation production companies, personal post-production studios, and multimedia studios. Effects 18.4.1 and earlier versions...

Denial Of Service

gpac is vulnerable to denial of service. An attacker is able to crash the system by getting a user to open a malicious video...

Denial Of Service

gpac is vulnerable to denial of service. An attacker is able to crash the system by getting a user to open a malicious video...

Shenzhen Xunlei Network Technology Co., Ltd Xunlei Video has dll hijacking vulnerability

Founded in 2003, Shenzhen Xunlei Network Technology Co., Ltd. is a shared computing and blockchain technology innovation enterprise. Shenzhen Xunlei Network Technology Co., Ltd Xunlei Video has a dll hijacking vulnerability, which can be exploited by an attacker to load a malicious dll and execut...

Code Execution Vulnerability in CCTV Video PC Version

CCTV for PC is a live network TV broadcasting software. A code execution vulnerability exists in CCTV Video for PC. An attacker can exploit the vulnerability to execute arbitrary code...

FFmpeg heap buffer overflow vulnerability (CNVD-2019-22635)

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. A heap buffer overflow vulnerability exists in blockcmp in libavcodec/zmbvenc.c in FFmpeg 4.1.3. No detailed vulnerability details are provided at...

arxius: Local File Disclosure via ffmpeg

Summary ffmpeg is a video and audio software that is used for generating previews and for converting videos. Your current installation allows HLS playlists that contain references to external files, which leads to local file disclosure. Reproduction 1. Download this script...

U.S. Dept Of Defense: QuickTime Promotion on a DoD website

A Department of Defense website was configured to require users to view video files using an insecure software application. Thanks for notifying us of this, @spam404!...