Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libass project libass vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2020-24994
Stack overflow in the parse_tag function in libass/ass_parse.c in libass prior to 0.15.0 allows remote malicious users to cause a denial of service or remote code execution via a crafted file.
Libass Project Libass
6.8
CVSSv2
CVE-2020-26682
In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.
Libass Project Libass 0.14.0
6.8
CVSSv2
CVE-2020-36430
libass 0.15.x prior to 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction.
Libass Project Libass
Fedoraproject Fedora 34
5
CVSSv2
CVE-2016-7970
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass prior to 0.13.4 allows remote malicious users to cause a denial of service via unspecified vectors.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Libass Project Libass
5
CVSSv2
CVE-2016-7972
The check_allocations function in libass/ass_shaper.c in libass prior to 0.13.4 allows remote malicious users to cause a denial of service (memory allocation failure) via unspecified vectors.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Libass Project Libass
5
CVSSv2
CVE-2016-7969
The wrap_lines_smart function in ass_render.c in libass prior to 0.13.4 allows remote malicious users to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Libass Project Libass
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started