Lucene search
K

12 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in ffmpeg

A buffer overflow vulnerability exists in FFmpeg 4.2 in the movwritevideotag function, due to an out-of-bounds access in the libavformat/movenc.c file. This vulnerability could allow a remote malicious user to obtain sensitive information, cause a Denial of Service, or execute arbitrary code...

8.8CVSS7.4AI score0.02468EPSS
Exploits1References2
NVD
NVD
added 2026/05/28 8:16 a.m.17 views

CVE-2026-6427

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filtervideos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...

6.4CVSS0.00291EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/28 6:45 a.m.9 views

CVE-2026-6427 a3 Lazy Load <= 2.7.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Video Element

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filtervideos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...

6.4CVSS5.8AI score0.00291EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/28 6:45 a.m.14 views

EUVD-2026-32733

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filtervideos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...

6.4CVSS5.8AI score0.00291EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44198

The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.7.6 This is due to a regex bug in the filter videos method that breaks HTML attribute quoting when processing crafted elements, combined with unescaped output in the...

6.4CVSS5.8AI score0.00291EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/10/09 12:0 a.m.16 views

CentOS 7 : thunderbird (RHSA-2022:9079)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:9079 advisory. - If a Thunderbird user quoted from an HTML email, for example by replying to the email, and the email contained either a VIDEO tag with the POSTER...

9.8CVSS8.3AI score0.00921EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:54 a.m.4 views

SUSE CVE-2020-22015

Buffer Overflow vulnerability in FFmpeg 4.2 in movwritevideotag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code...

5.5CVSS7.5AI score0.02468EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2022/12/15 4:27 p.m.7 views

Mozilla: Quoting from an HTML email with certain tags will trigger network requests and load remote content, regardless of a configuration to block remote content

The Mozilla Foundation Security Advisory describes this flaw as: If a Thunderbird user quoted from an HTML email and the email contained either a video tag with the poster attribute or an object tag with a data attribute, a network request to the referenced remote URL was performed regardless of ...

8.1CVSS7.5AI score0.00768EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2022/12/01 9:26 a.m.38 views

CVE-2022-45414

The Mozilla Foundation Security Advisory describes this flaw as: If a Thunderbird user quoted from an HTML email and the email contained either a video tag with the poster attribute or an object tag with a data attribute, a network request to the referenced remote URL was performed regardless of ...

8.1CVSS1.7AI score0.00768EPSS
Exploits0References4
OSV
OSV
added 2022/01/10 11:15 p.m.3 views

DEBIAN-CVE-2021-36412

A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gprtpbuilderdompeg12video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command,...

7.8CVSS8.3AI score0.00851EPSS
Exploits1References1
OSV
OSV
added 2021/05/26 5:15 p.m.2 views

UBUNTU-CVE-2020-22015

Buffer Overflow vulnerability in FFmpeg 4.2 in movwritevideotag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code...

8.8CVSS7AI score0.02468EPSS
Exploits1References4
Atlassian
Atlassian
added 2016/03/21 9:23 p.m.19 views

Security Issue with multimedia playback on Mac OSX

Currently your multimedia playback method uses an older and insecure method. I had to reinstate old plugins to make it work, and I would like to be able to disable these plugins as soon as possible. Can you please update your code for this as outlined here: https://support.apple.com/en-au/HT20508...

0.2AI score
Exploits0Affected Software1
Rows per page
Query Builder