Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav libav vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-5684
In Libav up to and including 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file.
Libav Libav
6.8
CVSSv2
CVE-2014-4609
Integer overflow in the get_len function in libavutil/lzo.c in Libav prior to 0.8.13, 9.x prior to 9.14, and 10.x prior to 10.2 allows remote malicious users to execute arbitrary code via a crafted Literal Run.
Libav Libav
6.8
CVSSv2
CVE-2018-5766
In Libav up to and including 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.
Libav Libav
7.1
CVSSv2
CVE-2019-9720
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.
Libav Libav
4.3
CVSSv2
CVE-2016-8675
The get_vlc2 function in get_bits.h in Libav prior to 11.9 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcode sequences during m4v detection.
Libav Libav
4.3
CVSSv2
CVE-2016-8676
The get_vlc2 function in get_bits.h in Libav 11.9 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file. NOTE: this issue exists due to an incomplete fix for CVE-2016-8675.
Libav Libav
7.1
CVSSv2
CVE-2019-9717
In Libav 12.3, a denial of service in the subtitle decoder allows malicious users to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.
Libav Libav
6.8
CVSSv2
CVE-2019-9719
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability becaus...
Libav Libav
4.3
CVSSv2
CVE-2016-6832
Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav prior to 11.4 allows remote malicious users to cause a denial of service (crash) via vectors related to buffer resizing.
Libav Libav
7.5
CVSSv2
CVE-2017-9051
libav prior to 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.
Libav Libav
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »