Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav libav vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2016-7393
Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav prior to 11.5 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted file.
Libav Libav
8.8
CVSSv3
CVE-2019-9719
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability becaus...
Libav Libav
6.5
CVSSv3
CVE-2018-19128
In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an malicious user to cause denial-of-service via a crafted avi file.
Libav Libav 12.3
6.5
CVSSv3
CVE-2018-19129
In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ff_mpa_synth_filter_float in libavcodec/mpegaudiodsp_template.c can cause a segmentation fault (application crash) via a crafted mov file.
Libav Libav 12.3
6.5
CVSSv3
CVE-2018-19130
In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows malicious users to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of CVE-2017-17127
Libav Libav 12.3
7.5
CVSSv3
CVE-2017-9987
There is a heap-based buffer overflow in the function hpel_motion in mpegvideo_motion.c in libav 12.1. A crafted input can lead to a remote denial of service attack.
Libav Libav 12.1
6.5
CVSSv3
CVE-2017-18242
The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted aac file.
Libav Libav 12.2
6.5
CVSSv3
CVE-2017-18243
The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote malicious users to cause a denial of service (segmentation fault) via a crafted file.
Libav Libav 12.2
7.1
CVSSv3
CVE-2017-7206
The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote malicious users to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
Libav Libav 9.21
6.5
CVSSv3
CVE-2017-5984
In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.
Libav Libav 9.21
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »