Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matroska vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-8790
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML prior to 1.3.3 allows context-dependent malicious users to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
Matroska Libebml
4.3
CVSSv2
CVE-2015-8791
The EbmlElement::ReadCodedSizeValue function in libEBML prior to 1.3.3 allows context-dependent malicious users to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.
Matroska Libebml
4.3
CVSSv2
CVE-2017-12779
The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote malicious users to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
Matroska Mkvalidator 0.5.1
4.3
CVSSv2
CVE-2017-12803
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote malicious users to cause a denial of service (assert fault) via a crafted mkv file.
Matroska Mkclean 0.8.9
5
CVSSv2
CVE-2015-8792
The KaxInternalBlock::ReadData function in libMatroska prior to 1.4.4 allows context-dependent malicious users to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
Matroska Libmatroska
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
4.3
CVSSv2
CVE-2021-3405
A flaw was found in libebml prior to 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.
Matroska Libebml
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
5
CVSSv2
CVE-2015-3861
Multiple integer overflows in the addVorbisCodecInfo function in matroska/MatroskaExtractor.cpp in libstagefright in mediaserver in Android prior to 5.1.1 LMY48M allow remote malicious users to cause a denial of service (device inoperability) via crafted Matroska data, aka intern...
Google Android
4.3
CVSSv2
CVE-2021-38382
Live555 up to and including 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.
Live555 Live555
6.8
CVSSv2
CVE-2011-4352
Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x prior to 0.5.7, 0.6.x prior to 0.6.4, 0.7.x prior to 0.7.9, and 0.8.x prior to 0.8.8; and in Libav 0.5.x prior to 0.5.6, 0.6.x prior to 0.6.4, and 0.7.x prior to 0.7.3 allows rem...
Libav Libav 0.7
Libav Libav 0.5.3
Libav Libav 0.6.2
Libav Libav 0.5
Libav Libav 0.7.1
Libav Libav 0.5.2
Libav Libav 0.5.5
Libav Libav 0.6.3
Libav Libav 0.5.4
Libav Libav 0.6.1
Libav Libav 0.6
Libav Libav 0.5.1
Ffmpeg Ffmpeg 0.7.7
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 0.7.6
Ffmpeg Ffmpeg 0.8.6
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.7.5
Ffmpeg Ffmpeg 0.5.4.6
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.8.5.4
9.3
CVSSv2
CVE-2011-3504
The Matroska format decoder in FFmpeg prior to 0.8.3 does not properly allocate memory, which allows remote malicious users to execute arbitrary code via a crafted file.
Ffmpeg Ffmpeg 0.5.2
Ffmpeg Ffmpeg 0.5.1
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.4.4
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.5.3
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.4.6
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.3.1
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 0.6.2
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.4.9
Ffmpeg Ffmpeg 0.4.3
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.6
Ffmpeg Ffmpeg 0.4.8
Ffmpeg Ffmpeg 0.4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »