Searching video software vulnerabilities

The Video Control Panel on SGI O2/IRIX 6.5, whe

attackers | videoout | session | console | "Output | Default | Control | videoin | O2/IRIX | running | access | Video" | allows | Panel | Video | Input | then | set | SGI |

The Video Control Panel on SGI O2/IRIX 6.5, when the Default Input is set to "Output Video", allows attackers to access a console session by running videoout then videoin.


FlexWATCH Network video server 132 allows remot

FlexWATCH | Network | server | video |

FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//).


Buffer overflow in the get_header function in a

asf_mmst_streamingc | get_header | attackers | arbitrary | overflow | function | execute | MPlayer | crafted | stream | 10pre5 | Buffer | remote | allows | video | code | via | ASF |

Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream.


Axis Network Camera 2.40 and earlier, and Video

Network | Camera | Axis |

Axis Network Camera 2.40 and earlier, and Video Server 3.12 and earlier, allows remote attackers to execute arbitrary commands via accent (`) and possibly other shell metacharacters in the query string to virtualinput.cgi.


Absolute path traversal vulnerability in main.c

vulnerability | Wireless-B | arbitrary | next_file | attackers | parameter | traversal | pathname | Internet | Absolute | maincgi | Linksys | remote | Camera | WVC11B | allows | Video | files | path | read | via |

Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to read arbitrary files via an absolute pathname in the next_file parameter.


Cross-site scripting (XSS) vulnerability in mai

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter.


Unrestricted file upload vulnerability in the A

Administration | administrators | authenticated | vulnerability | Unrestricted | arbitrary | NewsPHP | instead | execute | upload | allows | remote | video | files | Panel | code | file |

Unrestricted file upload vulnerability in the Administration Panel for NewsPHP allows remote authenticated administrators to upload and execute arbitrary code instead of video files.


Raysoft/Raybase Video Cam Server 1.0.0 beta all

Raysoft/Raybase | Server | Video | Cam |

Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to determine the full pathname of the server via a request for an invalid page, as demonstrated using "%20" (hex-encoded space).


Directory traversal vulnerability in Raysoft/Ra

Raysoft/Raybase | vulnerability | Directory | traversal | Server | Video | Cam |

Directory traversal vulnerability in Raysoft/Raybase Video Cam Server 1.0.0 beta allows remote attackers to read arbitrary files via ".." (dot dot) sequences in an HTTP request.


Unknown vulnerability in FlexCast Audio Video S

vulnerability | Streaming | FlexCast | Unknown | vectors | impact | attack | before | Server | Audio | Video | has |

Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and attack vectors.


Directory traversal vulnerability in the web se

vulnerability | traversal | Directory | Security | server | Video | Asus | web |

Directory traversal vulnerability in the web server in Asus Video Security 3.5.0.0 and earlier allows remote attackers to read arbitrary files via "../" or "..\" sequences in the URL.


Buffer overflow in Apple QuickTime before 7.1 a

QuickTime | attackers | arbitrary | overflow | crafted | execute | remote | Buffer | before | allows | MPEG4 | Apple | code | via |

Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime MPEG4 (M4P) video format file.


Buffer overflow in Apple QuickTime before 7.1 a

QuickTime | attackers | arbitrary | overflow | crafted | execute | Buffer | format | before | remote | allows | Apple | video | code | file | via | AVI |

Buffer overflow in Apple QuickTime before 7.1 allows remote attackers to execute arbitrary code via a crafted QuickTime AVI video format file.


Cross-site scripting (XSS) vulnerability in XMB

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in XMB Forum 1.9.5 allows remote attackers to inject arbitrary web script or HTML by uploading a Flash (.SWF) video that contains a getURL function call, which causes the video to be rendered without disabling ActionScript.


siteadmin/useredit.php in AlstraSoft Video Shar

siteadmin/usereditphp | authentication | information | Enterprise | AlstraSoft | attackers | request | remote | allows | direct | modify | obtain | Video | Share | which | check | does | user | not | via |

siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote attackers to obtain or modify user information via a direct request.


SQL injection vulnerability in msg.php in Alstr

vulnerability | authenticated | AlstraSoft | Enterprise | parameter | injection | arbitrary | commands | execute | remote | msgphp | allows | Video | users | Share | SQL | via |

SQL injection vulnerability in msg.php in AlstraSoft Video Share Enterprise allows remote authenticated users to execute arbitrary SQL commands via the id parameter.


Heap-based buffer overflow in Microsoft MSN Mes

user-assisted | conversation | unspecified | Heap-based | attackers | involving | arbitrary | Messenger | Microsoft | overflow | handling | sessions | vectors | execute | allows | remote | buffer | video | Live | chat | code | Cam | MSN | via | Web |

Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions.


NVIDIA drivers (nvidia-drivers) before 1.0.7185

drivers | NVIDIA |

NVIDIA drivers (nvidia-drivers) before 1.0.7185, 1.0.9639, and 100.14.11, as used in Gentoo Linux and possibly other distributions, creates /dev/nvidia* device files with insecure permissions, which allows local users to modify video card settings, cause a denial of service (crash or physical video card damage), and obtain sensitive information.


The Cisco Video Surveillance IP Gateway Encoder

Encoder/Decoder | Surveillance | Gateway | Cisco | Video |

The Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier have default passwords for the sypixx and root user accounts, which allows remote attackers to perform administrative actions, aka CSCsj34681.


The telnet service in Cisco Video Surveillance

Encoder/Decoder | Surveillance | Gateway | service | telnet | Cisco | Video |

The telnet service in Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier does not require authentication, which allows remote attackers to perform administrative actions, aka CSCsj31729.


Software vulnerabilities results 1 to 20 of 54     
Page: 123