CVE-2026-46222 media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads

In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: Add missing MUSTCONNECT flag to pads The pads missed checks for connected devices which may a null dereference when the stream is enabled. Unable to handle kernel NULL pointer dereference at virtual addres...

EUVD-2026-19475

ZLMediaKit is a streaming media service framework. the VP9 RTP payload parser in ext-codec/VP9Rtp.cpp reads multiple fields from the RTP payload based on flag bits in the first byte, without verifying that sufficient data exists in the buffer. A crafted VP9 RTP packet with a 1-byte payload 0xFF,...

CVE-2026-26967 PJSIP has a Heap-based Buffer Overflow vulnerability in its H.264 unpacketizer

PJSIP is a free and open source multimedia communication library written in C. In versions 2.16 and below, there is a critical Heap-based Buffer Overflow vulnerability in PJSIP's H.264 unpacketizer. The bug occurs when processing malformed SRTP packets, where the unpacketizer reads a 2-byte NAL...

SUSE CVE-2022-50757

In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance mediapipelinestart may fail with EPIPE, if a link validation betwee...

CVE-2022-50757

In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance mediapipelinestart may fail with EPIPE, if a link validation betwee...

UBUNTU-CVE-2022-50757

In the Linux kernel, the following vulnerability has been resolved: media: camss: Clean up received buffers on failed start of streaming It is required to return the received buffers, if streaming can not be started. For instance mediapipelinestart may fail with EPIPE, if a link validation betwee...

PT-2025-53123

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's media subsystem, specifically within the camss component, related to the handling of received buffers when streaming fails to start. If media pipeline...

CVE-2025-40165

CVE-2025-40165 concerns the Linux kernel driver media: nxp: imx8-isi for M2M streaming. If streamon/streamoff calls are imbalanced (e.g., exiting with Ctrl+C), m2m usage_count may not drop to zero and the ISI channel may not be freed, with an additional WARN_ON triggered when input width exceeds ...

EUVD-2017-2440

Malware in sbrugna...

EUVD-2024-42703

Malicious code in bioql PyPI...

EUVD-2023-53106

Malicious code in bioql PyPI...

CVE-2025-39714 media: usbtv: Lock resolution while streaming

In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Lock resolution while streaming When an program is streaming ffplay and another program qv4l2 changes the TV standard from NTSC to PAL, the kernel crashes due to trying to copy to unmapped memory. Changing from NTSC...

Akamai and Bitmovin: Revolutionizing Live and On-Demand Video Streaming

Discover how Akamai and Bitmovin’s partnership reduces costs, enhances performance, and delivers personalized video experiences to content providers...

CVE-2022-41971

Nextcould Talk android is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.8, 13.0.10, 14.0.6, and 15.0.0, guests can continue to receive video streams from a call after being removed from a conversation. An attacker would be able to see videos on a call in a public...

Linux Distros Unpatched Vulnerability : CVE-2024-50266

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus...

CVE-2024-32876

NewPipe is an Android app for video streaming written in Java. It supports exporting and importing backups, as a way to let users move their data to a new device effortlessly. However, in versions 0.13.4 through 0.26.1, importing a backup file from an untrusted source could have resulted in...

PT-2025-36308

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a kernel crash can occur due to trying to copy to unmapped memory. This happens when a program is streaming video and another program changes the...

CVE-2024-50266

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: videoccmvs0clk status stuck at...

DEBIAN-CVE-2024-50266

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: videoccmvs0clk status stuck at...

CVE-2024-50266

CVE-2024-50266 concerns the Linux kernel clk/qcom/videocc-sm8350 path where a venus driver change could cause a stuck vcodec clock (example: video_cc_mvs0_clk) on certain ThinkPad hardware. The issue is triggered by runtime control mode in GDSCs and was resolved by using HW_CTRL_TRIGGER for vcode...