12 matches found
Astra Linux – Vulnerability in ffmpeg
A buffer overflow vulnerability exists in FFmpeg 4.2 in the movwritevideotag function, due to an out-of-bounds access in the libavformat/movenc.c file. This vulnerability could allow a remote malicious user to obtain sensitive information, cause a Denial of Service, or execute arbitrary code...
CVE-2026-6427
The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filtervideos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...
CVE-2026-6427 a3 Lazy Load <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Element
The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filtervideos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...
EUVD-2026-32733
The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filtervideos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...
PT-2026-44198
The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filter videos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...
CentOS 7 : thunderbird (RHSA-2022:9079)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9079 advisory. - If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER...
SUSE CVE-2020-22015
Buffer Overflow vulnerability in FFmpeg 4.2 in movwritevideotag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code...
Mozilla: Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content
The Mozilla Foundation Security Advisory describes this flaw as: If a Thunderbird user quoted from an HTML email and the email contained either a video tag with the poster attribute or an object tag with a data attribute, a network request to the referenced remote URL was performed regardless of ...
CVE-2022-45414
The Mozilla Foundation Security Advisory describes this flaw as: If a Thunderbird user quoted from an HTML email and the email contained either a video tag with the poster attribute or an object tag with a data attribute, a network request to the referenced remote URL was performed regardless of ...
DEBIAN-CVE-2021-36412
A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gprtpbuilderdompeg12video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command,...
UBUNTU-CVE-2020-22015
Buffer Overflow vulnerability in FFmpeg 4.2 in movwritevideotag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code...
Security Issue with multimedia playback on Mac OSX
Currently your multimedia playback method uses an older and insecure method. I had to reinstate old plugins to make it work, and I would like to be able to disable these plugins as soon as possible. Can you please update your code for this as outlined here: https://support.apple.com/en-au/HT20508...