Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libass project libass vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-24994
Stack overflow in the parse_tag function in libass/ass_parse.c in libass prior to 0.15.0 allows remote malicious users to cause a denial of service or remote code execution via a crafted file.
Libass Project Libass
8.8
CVSSv3
CVE-2020-26682
In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.
Libass Project Libass 0.14.0
7.8
CVSSv3
CVE-2020-36430
libass 0.15.x prior to 0.15.1 has a heap-based buffer overflow in decode_chars (called from decode_font and process_text) because the wrong integer data type is used for subtraction.
Libass Project Libass
Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2016-7970
Buffer overflow in the calc_coeff function in libass/ass_blur.c in libass prior to 0.13.4 allows remote malicious users to cause a denial of service via unspecified vectors.
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Libass Project Libass
7.5
CVSSv3
CVE-2016-7972
The check_allocations function in libass/ass_shaper.c in libass prior to 0.13.4 allows remote malicious users to cause a denial of service (memory allocation failure) via unspecified vectors.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Libass Project Libass
7.5
CVSSv3
CVE-2016-7969
The wrap_lines_smart function in ass_render.c in libass prior to 0.13.4 allows remote malicious users to cause a denial of service (out-of-bounds read) via unspecified vectors, related to "0/3 line wrapping equalization."
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Fedoraproject Fedora 25
Fedoraproject Fedora 24
Fedoraproject Fedora 23
Libass Project Libass
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started