Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav libav vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2018-5766
In Libav up to and including 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.
Libav Libav
6.8
CVSSv2
CVE-2018-5684
In Libav up to and including 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file.
Libav Libav
4.3
CVSSv2
CVE-2017-1000460
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
Libav Libav 13 Dev0
Ffmpeg Ffmpeg 3.4
Google Chrome
4.3
CVSSv2
CVE-2017-17127
The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
Libav Libav 12.2
4.3
CVSSv2
CVE-2017-17128
The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows remote malicious users to cause a denial of service (segmentation fault and application crash) via a crafted file.
Libav Libav 12.2
6.8
CVSSv2
CVE-2017-17129
The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote malicious users to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
Libav Libav 12.2
6.8
CVSSv2
CVE-2017-17130
The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to vc1_decode_i_blocks...
Libav Libav 12.2
5
CVSSv2
CVE-2017-16803
In Libav up to and including 11.11 and 12.x up to and including 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote malicious users to cause a denial of service (bitstream.c:build_table() out-of-bounds read...
Libav Libav 12.0
Libav Libav
Libav Libav 12.1
5
CVSSv2
CVE-2017-11684
There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input.
Libav Libav 12.1
5
CVSSv2
CVE-2017-9987
There is a heap-based buffer overflow in the function hpel_motion in mpegvideo_motion.c in libav 12.1. A crafted input can lead to a remote denial of service attack.
Libav Libav 12.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »