Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav libav vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2016-7393
Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav prior to 11.5 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted file.
Libav Libav
9.8
CVSSv3
CVE-2017-9051
libav prior to 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.
Libav Libav
5.5
CVSSv3
CVE-2016-8675
The get_vlc2 function in get_bits.h in Libav prior to 11.9 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcode sequences during m4v detection.
Libav Libav
8.8
CVSSv3
CVE-2014-4609
Integer overflow in the get_len function in libavutil/lzo.c in Libav prior to 0.8.13, 9.x prior to 9.14, and 10.x prior to 10.2 allows remote malicious users to execute arbitrary code via a crafted Literal Run.
Libav Libav
6.5
CVSSv3
CVE-2019-9720
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.
Libav Libav
8.8
CVSSv3
CVE-2019-9719
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability becaus...
Libav Libav
5.5
CVSSv3
CVE-2016-6832
Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav prior to 11.4 allows remote malicious users to cause a denial of service (crash) via vectors related to buffer resizing.
Libav Libav
6.5
CVSSv3
CVE-2019-9717
In Libav 12.3, a denial of service in the subtitle decoder allows malicious users to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.
Libav Libav
8.8
CVSSv3
CVE-2018-5684
In Libav up to and including 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file.
Libav Libav
8.8
CVSSv3
CVE-2018-5766
In Libav up to and including 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.
Libav Libav
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »