Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav libav vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2018-11102
An issue exists in Libav 12.3. A read access violation in the mov_probe function in libavformat/mov.c allows remote malicious users to cause a denial of service (application crash), as demonstrated by avconv.
Libav Libav 12.3
7.5
CVSSv3
CVE-2017-16803
In Libav up to and including 11.11 and 12.x up to and including 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote malicious users to cause a denial of service (bitstream.c:build_table() out-of-bounds read...
Libav Libav 12.1
Libav Libav 12.0
Libav Libav
7.5
CVSSv3
CVE-2017-11684
There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input.
Libav Libav 12.1
7.5
CVSSv3
CVE-2017-9987
There is a heap-based buffer overflow in the function hpel_motion in mpegvideo_motion.c in libav 12.1. A crafted input can lead to a remote denial of service attack.
Libav Libav 12.1
7.1
CVSSv3
CVE-2017-7206
The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote malicious users to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
Libav Libav 9.21
7.1
CVSSv3
CVE-2017-7208
The decode_residual function in libavcodec in libav 9.21 allows remote malicious users to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
Libav Libav 9.21
6.5
CVSSv3
CVE-2020-18775
In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_b_mb_intfi in vc1_block.c that allows an malicious user to cause denial-of-service via a crafted file.
Libav Libav 12.3
6.5
CVSSv3
CVE-2020-18776
In Libav 12.3, there is a segmentation fault in vc1_decode_b_mb_intfr in vc1_block.c that allows an malicious user to cause denial-of-service via a crafted file.
Libav Libav 12.3
6.5
CVSSv3
CVE-2020-18778
In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_p_mb_intfi in vc1_block.c that allows an malicious user to cause denial-of-service via a crafted file.
Libav Libav 12.3
6.5
CVSSv3
CVE-2019-9720
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.
Libav Libav
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »