EUVD-2015-6698

Malware in sbrugna...

USN-7579-1: Godot Engine vulnerabilities

It was discovered that the Godot Engine did not properly handle certain malformed WebM media files. If the Godot Engine opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. CVE-2019-2126 It was discovered that the Godot Engin...

SUSE CVE-2018-6406

The function ParseVP9SuperFrameIndex in common/libwebmutil.cc in libwebm through 2018-01-30 does not validate the childframelength data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service heap-based buffer over-read and later out-of-bounds...

CVE-2022-1924

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using lzo decompression. This vulnerability can result in application crash, memory corruption, and code execution...

CVE-2022-1923

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska/WebM file using bzip decompression. This vulnerability can result in application crash, memory corruption, and code execution...

CVE-2018-6406

The function ParseVP9SuperFrameIndex in common/libwebmutil.cc in libwebm through 2018-01-30 does not validate the childframelength data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service heap-based buffer over-read and later out-of-bounds...

CVE-2015-6761

The updatedimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service race condition and memory...

CVE-2015-6761

The updatedimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service race condition and memory...

Race condition

The updatedimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service race condition and memory...

CVE-2015-6761

The updatedimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service race condition and memory...

CVE-2015-6761

The updatedimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cause a denial of service race condition and memory...

VideoLAN VLC MKV Memory Corruption

No description provided by source. $Id: vlcwebm.rb 11725 2011-02-08 18:22:36Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Debian Security Advisory DSA 2306-1 (ffmpeg)

The remote host is missing an update to ffmpeg announced via advisory DSA 2306-1. OpenVAS Vulnerability Test $Id: deb23061.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2306-1 ffmpeg Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian DSA-2306-1 : ffmpeg - several vulnerabilities

Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-3908 FFmpeg before 0.5.4, allows remote attackers to cause a denial of service memory corruption and...

[SECURITY] [DSA 2306-1] ffmpeg security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2306-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano September 11, 2011 http://www.debian.org/security/faq -...

Ubuntu Update for ffmpeg vulnerabilities USN-1104-1

Ubuntu Update for Linux kernel vulnerabilities USN-1104-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11041.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for ffmpeg vulnerabilities USN-1104-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Ubuntu Update for libvpx vulnerability USN-1087-1

Ubuntu Update for Linux kernel vulnerabilities USN-1087-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10871.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for libvpx vulnerability USN-1087-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

VideoLAN VLC Media Player 1.1.6 - 'MKV' Memory Corruption (Metasploit)

$Id: vlcwebm.rb 11725 2011-02-08 18:22:36Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

CVE-2011-0480

Multiple buffer overflows in vorbisdec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a craft...

CVE-2011-0480

Multiple buffer overflows in vorbisdec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other impact via a craft...