Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matroska vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1387
The DirectShow loader (loader/dshow/DS_VideoDecoder.c) in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbitrary code, a...
Mplayer Mplayer
NA
CVE-2007-1246
The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and previous versions, as used in xine-lib, does not set the biSize before use in a memcpy, which allows user-assisted remote malicious users to cause a buffer overflow and possibly execute arbi...
Mplayer Mplayer
NA
CVE-2011-3892
Double free vulnerability in the Theora decoder in Google Chrome prior to 15.0.874.120 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted stream.
Google Chrome
Debian Debian Linux 6.0
NA
CVE-2011-3893
Google Chrome prior to 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote malicious users to cause a denial of service (out-of-bounds read) via unspecified vectors.
Google Chrome
NA
CVE-2011-3895
Heap-based buffer overflow in the Vorbis decoder in Google Chrome prior to 15.0.874.120 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted stream.
Google Chrome
Debian Debian Linux 6.0
NA
CVE-2008-0073
Array index error in the sdpplin_parse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter.
Xine Xine-lib 1.1.10.1
1 EDB exploit
NA
CVE-2008-0486
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote malicious users to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow.
Mplayer Mplayer 1.02rc2
Xine Xine-lib 1.1.10
6.5
CVSSv3
CVE-2019-9718
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows malicious users to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 4.1
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
NA
CVE-2011-3973
cavsdec.c in libavcodec in FFmpeg prior to 0.7.4 and 0.8.x prior to 0.8.3 allows remote malicious users to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_b...
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.5.1
Ffmpeg Ffmpeg 0.3.1
Ffmpeg Ffmpeg 0.4.9
Ffmpeg Ffmpeg 0.6
Ffmpeg Ffmpeg 0.5.3
Ffmpeg Ffmpeg 0.4.4
Ffmpeg Ffmpeg 0.5.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 0.4.6
Ffmpeg Ffmpeg 0.3.4
Ffmpeg Ffmpeg 0.4.0
Ffmpeg Ffmpeg 0.6.2
NA
CVE-2011-3974
Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg prior to 0.7.4 and 0.8.x prior to 0.8.3 allows remote malicious users to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a C...
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.5.1
Ffmpeg Ffmpeg 0.3.1
Ffmpeg Ffmpeg 0.4.9
Ffmpeg Ffmpeg 0.6
Ffmpeg Ffmpeg 0.5.3
Ffmpeg Ffmpeg 0.4.4
Ffmpeg Ffmpeg 0.5.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 0.4.6
Ffmpeg Ffmpeg 0.3.4
Ffmpeg Ffmpeg 0.4.0
Ffmpeg Ffmpeg 0.6.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »