Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matroska vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv2
CVE-2007-1246
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbi...
Mplayer Mplayer
6.8
CVSSv2
CVE-2007-1387
The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbitrary code, a...
Mplayer Mplayer
5
CVSSv2
CVE-2011-3893
Google Chrome prior to 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote malicious users to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome
7.5
CVSSv2
CVE-2011-3892
Double free vulnerability in the Theora decoder in Google Chrome prior to 15.0.874.120 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted stream.
Google Chrome
Debian Debian Linux 6.0
7.5
CVSSv2
CVE-2011-3895
Heap-based buffer overflow in the Vorbis decoder in Google Chrome prior to 15.0.874.120 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted stream.
Google Chrome
Debian Debian Linux 6.0
6.8
CVSSv2
CVE-2008-0073
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
Xine Xine-lib 1.1.10.1
1 EDB exploit
7.5
CVSSv2
CVE-2008-0486
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote malicious users to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Mplayer Mplayer 1.02rc2
Xine Xine-lib 1.1.10
4.3
CVSSv2
CVE-2019-9718
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows malicious users to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 4.1
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
5
CVSSv2
CVE-2011-3973
cavsdec.c in libavcodec in FFmpeg prior to 0.7.4 and 0.8.x prior to 0.8.3 allows remote malicious users to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_b...
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.5.1
Ffmpeg Ffmpeg 0.3.1
Ffmpeg Ffmpeg 0.4.9
Ffmpeg Ffmpeg 0.6
Ffmpeg Ffmpeg 0.5.3
Ffmpeg Ffmpeg 0.4.4
Ffmpeg Ffmpeg 0.5.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 0.4.6
Ffmpeg Ffmpeg 0.3.4
Ffmpeg Ffmpeg 0.4.0
Ffmpeg Ffmpeg 0.6.2
5
CVSSv2
CVE-2011-3974
Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg prior to 0.7.4 and 0.8.x prior to 0.8.3 allows remote malicious users to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a C...
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.5.1
Ffmpeg Ffmpeg 0.3.1
Ffmpeg Ffmpeg 0.4.9
Ffmpeg Ffmpeg 0.6
Ffmpeg Ffmpeg 0.5.3
Ffmpeg Ffmpeg 0.4.4
Ffmpeg Ffmpeg 0.5.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 0.4.6
Ffmpeg Ffmpeg 0.3.4
Ffmpeg Ffmpeg 0.4.0
Ffmpeg Ffmpeg 0.6.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »