Lucene search
K

20 matches found

CVE
CVE
added 2026/06/23 7:53 p.m.19 views

CVE-2026-12891

The CVE-2026-12891 issue affects the GStreamer gst-plugins-bad package, specifically the H.266/VVC parser. A malformed H.266/VVC stream with a crafted aspect ratio indicator value can cause an out-of-bounds read of up to 8 bytes from adjacent memory. This could enable an attacker to craft a malic...

4.3CVSS5.7AI score0.00265EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2026/06/11 7:16 p.m.4 views

DEBIAN-CVE-2026-53701

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...

6.5CVSS5.4AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2026/06/11 7:16 p.m.5 views

UBUNTU-CVE-2026-53701

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...

6.5CVSS5.4AI score0.00206EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/11 6:15 p.m.27 views

CVE-2026-53701 Gstreamer1-plugins-bad-free: gstreamer: out-of-bounds write in h.266/vvc pps picture partition parser

An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad. In the multi-slice-in-tile processing of gsth266parserparsepicturepartition gsth266parser.c, the loop iterates without checking that the slice index stays within bounds, writin...

6.5CVSS0.00206EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 7:17 p.m.6 views

UBUNTU-CVE-2025-55657

A NULL pointer dereference in the gfodfvvccfgwritebs function odf/descriptors.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

7.5CVSS5.2AI score0.00467EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

GPAC MP4Box 代码问题漏洞

GPAC MP4Box is a open-source multimedia packager from GPAC. It is primarily used for processing ISOBMF files such as MP4 and 3GP, but it can also be used for importing/exporting media from container files like AVI, MPG, MKV, and MPEG-2 TS. Version 2.4 of GPAC MP4Box has a code vulnerability cause...

7.5CVSS5.3AI score0.00467EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2026/05/11 12:0 a.m.14 views

gstreamer1 -- multiple vulnerabilities

The GStreamer project reports multiple security vulnerabilities fixed in the 1.28.3 release: Six security vulnerabilities were addressed, including: Bounds check errors in MXF VANC packet handling. Use-after-free in GStreamer core buffer value deserialization. Out-of-bounds read in MXF demuxer...

6.2AI score
Exploits0References6
Cvelist
Cvelist
added 2026/05/04 6:30 a.m.36 views

CVE-2026-7740 justdan96 tsMuxer vvc.cpp setFPS denial of service

A security vulnerability has been detected in justdan96 tsMuxer up to 2.7.0. This issue affects the function VvcVpsUnit::setFPS of the file tsMuxer/vvc.cpp. Such manipulation of the argument trackid leads to denial of service. An attack has to be approached locally. The exploit has been disclosed...

4.8CVSS0.00113EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.10 views

PT-2026-36783

A security vulnerability has been detected in justdan96 tsMuxer up to 2.7.0. This issue affects the function VvcVpsUnit::setFPS of the file tsMuxer/vvc.cpp. Such manipulation of the argument track id leads to denial of service. An attack has to be approached locally. The exploit has been disclose...

4.8CVSS5.4AI score0.00113EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.8 views

tsMuxer 安全漏洞

tsMuxer is a transport stream multiplexer developed by Dan’s individual developer, used for re-mixing/reusing basic streams. Versions of tsMuxer 2.7.0 and earlier contain security vulnerabilities. These vulnerabilities stem from the setFPS function in the tsMuxer/vvc.cpp file, which allows for...

4.8CVSS5.8AI score0.00113EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-49863

Malicious code in bioql PyPI...

7.8CVSS8.2AI score0.00314EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/04/30 12:0 a.m.6 views

The vulnerability of the gf_odf_vvc_cfg_write_bs function in the odf/descriptors.c file of the MP4Box packaging tool for the GPAC multimedia platform allows a attacker to cause a service failure.

The vulnerability of the gfodfvvccfgwritebs function in the odf/descriptors.c file of the MP4Box packaging tool for the GPAC multimedia platform is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.5AI score
Exploits0References1Affected Software1
OSV
OSV
added 2025/01/24 2:15 p.m.2 views

DEBIAN-CVE-2022-47090

GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains a buffer overflow in gfvvcreadppsbsinternal function of mediatools/avparsers.c, check needed for numexptilecolumns...

7.8CVSS5.6AI score0.00248EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/01/25 12:0 a.m.6 views

The vulnerability of the gf_odf_vvc_cfg_read_bs() function on the GPAC multimedia platform allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the gfodfvvccfgreadbs function on the GPAC multimedia platform is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code or cause service failures...

7.8CVSS7.7AI score0.00403EPSS
Exploits1References5Affected Software2
Openbugbounty
Openbugbounty
added 2019/06/23 1:29 a.m.9 views

vvc-adventure.nl Cross Site Scripting vulnerability

Security Researcher logindenied Helped patch 7927 vulnerabilities Received 8 Coordinated Disclosure badges Received 76 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting vvc-adventure.nl website and its users. Following...

0.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2018/12/19 12:0 a.m.3 views

PT-2023-15162 · Unknown +1 · Gpac Mp4Box +1

Name of the Vulnerable Software and Affected Versions: GPAC MP4box version 2.1-DEV-rev574-g9d5bb184b Description: The issue is related to a Buffer Overflow that occurs via the gf vvc read sps bs internal function in the media tools/av parsers.c file. This function is part of the GPAC MP4box, whic...

9.8CVSS7AI score0.04615EPSS
Exploits93References233
Positive Technologies
Positive Technologies
added 2018/12/19 12:0 a.m.2 views

PT-2023-15160 · Unknown +1 · Gpac Mp4Box +1

Name of the Vulnerable Software and Affected Versions: GPAC MP4box version 2.1-DEV-rev574-g9d5bb184b Description: The issue is related to a buffer overflow in the gf vvc read pps bs internal function, located in the media tools/av parsers.c file. Recommendations: For GPAC MP4box version...

9.8CVSS7.8AI score0.04615EPSS
Exploits93References232
NVD
NVD
added 2014/09/10 10:55 a.m.22 views

CVE-2014-3037

Cross-site request forgery CSRF vulnerability in IBM Configuration Management Application aka VVC in IBM Rational Engineering Lifecycle Manager before 4.0.7 and 5.x before 5.0.1, Rational Software Architect Design Manager before 4.0.7 and 5.x before 5.0.1, and Rational Rhapsody Design Manager...

6CVSS6.1AI score0.00783EPSS
Exploits0References5
Prion
Prion
added 2014/09/10 10:55 a.m.22 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in IBM Configuration Management Application aka VVC in IBM Rational Engineering Lifecycle Manager before 4.0.7 and 5.x before 5.0.1, Rational Software Architect Design Manager before 4.0.7 and 5.x before 5.0.1, and Rational Rhapsody Design Manager...

6CVSS6.4AI score0.00783EPSS
Exploits0References5Affected Software3
Cvelist
Cvelist
added 2014/09/10 10:0 a.m.24 views

CVE-2014-3037

Cross-site request forgery CSRF vulnerability in IBM Configuration Management Application aka VVC in IBM Rational Engineering Lifecycle Manager before 4.0.7 and 5.x before 5.0.1, Rational Software Architect Design Manager before 4.0.7 and 5.x before 5.0.1, and Rational Rhapsody Design Manager...

6.1AI score0.00783EPSS
Exploits0References5
Rows per page
Query Builder