Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-5766
In Libav up to and including 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.
Libav Libav
6.8
CVSSv2
CVE-2018-5684
In Libav up to and including 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file.
Libav Libav
4.3
CVSSv2
CVE-2017-1000460
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
Libav Libav 13 Dev0
Ffmpeg Ffmpeg 3.4
Google Chrome
4.3
CVSSv2
CVE-2017-17127
The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Libav Libav 12.2
4.3
CVSSv2
CVE-2017-17128
The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows remote malicious users to cause a denial of service (segmentation fault and application crash) via a crafted file.
Libav Libav 12.2
6.8
CVSSv2
CVE-2017-17129
The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote malicious users to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
Libav Libav 12.2
6.8
CVSSv2
CVE-2017-17130
The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to vc1_decode_i_blocks...
Libav Libav 12.2
5
CVSSv2
CVE-2017-16803
In Libav up to and including 11.11 and 12.x up to and including 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote malicious users to cause a denial of service (bitstream.c:build_table() out-of-bounds read...
Libav Libav 12.0
Libav Libav
Libav Libav 12.1
5
CVSSv2
CVE-2017-11684
There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input.
Libav Libav 12.1
5
CVSSv2
CVE-2017-9987
There is a heap-based buffer overflow in the function hpel_motion in mpegvideo_motion.c in libav 12.1. A crafted input can lead to a remote denial of service attack.
Libav Libav 12.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »