WWBN AVideo has Stored XSS via Unanchored Duration Regex in Video Encoder Receiver

Summary The isValidDuration regex at objects/video.php:918 uses /^0-91,2:0-91,2:0-91,2/ without a $ end anchor, allowing arbitrary HTML/JavaScript to be appended after a valid duration prefix. The crafted duration is stored in the database and rendered without HTML escaping via echo...

EUVD-2025-2204

Malicious code in bioql PyPI...

EUVD-2022-42352

Malicious code in bioql PyPI...

EUVD-2022-42353

Malicious code in bioql PyPI...

CVE-2022-39907

Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVE-2025-20891

Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability...

CVE-2025-20891

Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability...

CVE-2025-20891

Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability...

CVE-2025-20891

CVE-2025-20891 : Out-of-bounds read in decoding malformed bitstreams of video thumbnails in libsthmbc.so, enabling local attackers to read memory. Affected on Samsung Mobile devices prior to SMR Jan-2025 Release 1; exploitation requires user interaction. Multiple sources confirm the issue and ref...

CVE-2025-20891

Out-of-bounds read in decoding malformed bitstream of video thumbnails in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability...

PT-2025-4173 · Unknown · Libsthmbc.So

Name of the Vulnerable Software and Affected Versions: libsthmbc.so versions prior to SMR Jan-2025 Release 1 Description: The issue is related to an out-of-bounds read in the decoding of malformed bitstreams of video thumbnails in libsthmbc.so. This allows local attackers to read arbitrary memory...

WordPress Plugin Gallery - Image and Video Gallery with Thumbnails Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Gallery - Image and Video...

CVE-2022-39907

Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVE-2022-39908

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVE-2022-39908

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

Integer overflow

Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

CVE-2022-39908

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...

PT-2022-25101 · Samsung · Samsung Decoding Library

Name of the Vulnerable Software and Affected Versions: Samsung decoding library versions prior to SMR Dec-2022 Release 1 Description: The issue is related to a TOCTOU vulnerability in the Samsung decoding library for video thumbnails, which allows a local attacker to perform an Out-Of-Bounds Writ...

CVE-2022-39908

CVE-2022-39908 affects Samsung decoding library used for video thumbnails on Samsung Mobile devices prior to SMR Dec-2022 Release 1. The root cause is a TOCTOU condition enabling a local attacker to perform an Out-Of-Bounds Write. Affected component: Samsung decoding library for video thumbnails;...

CVE-2022-39907

Integer overflow vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write...