Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav libav vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2011-3892
Double free vulnerability in the Theora decoder in Google Chrome prior to 15.0.874.120 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted stream.
Google Chrome
Debian Debian Linux 6.0
7.5
CVSSv2
CVE-2011-3895
Heap-based buffer overflow in the Vorbis decoder in Google Chrome prior to 15.0.874.120 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted stream.
Google Chrome
Debian Debian Linux 6.0
7.5
CVSSv2
CVE-2011-1196
The OGG container implementation in Google Chrome prior to 10.0.648.127 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.
Google Chrome
7.1
CVSSv2
CVE-2019-9717
In Libav 12.3, a denial of service in the subtitle decoder allows malicious users to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.
Libav Libav
7.1
CVSSv2
CVE-2019-9720
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.
Libav Libav
7.1
CVSSv2
CVE-2019-14442
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file.
Libav Libav 12.3
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2014-4609
Integer overflow in the get_len function in libavutil/lzo.c in Libav prior to 0.8.13, 9.x prior to 9.14, and 10.x prior to 10.2 allows remote malicious users to execute arbitrary code via a crafted Literal Run.
Libav Libav
6.8
CVSSv2
CVE-2019-9719
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability becaus...
Libav Libav
6.8
CVSSv2
CVE-2018-5766
In Libav up to and including 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.
Libav Libav
6.8
CVSSv2
CVE-2018-5684
In Libav up to and including 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file.
Libav Libav
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »