CVE-2023-6605

HIGH Year: 2023
CVSS v3 Score
7.2
High
Weakness Type
CWE-99
View all →

Vulnerability Description

A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs.

Related Vulnerabilities

CVE-2016-8615

HIGH
CVSS:7.5(High)

A flaw was found in curl before version 7.51. If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies...

CWE-992016

CVE-2019-6545

HIGH
CVSS:7.5(High)

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update. An unauthenticated remote user could use a specia...

CWE-992019

CVE-2020-5230

HIGH
CVSS:7.5(High)

Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. This can be problematic for operation and security since such identifiers are sometimes used...

CWE-992020

CVE-2023-6603

HIGH
CVSS:7.5(High)

A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.

CWE-992023

CVE-2025-1642

MEDIUM
CVSS:7.5(High)

A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been declared as critical. This vulnerability affects unknown code of the file /AGE0000700/GetImageMedico?fooId=1. The manipulation o...

CWE-992025

CVE-2020-8177

HIGH
CVSS:7.8(High)

curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used.

CWE-992020