Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2016-6832
Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav prior to 11.4 allows remote malicious users to cause a denial of service (crash) via vectors related to buffer resizing.
Libav Libav
5.5
CVSSv3
CVE-2016-7424
The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and previous versions allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file.
Debian Debian Linux 8.0
Libav Libav
5.5
CVSSv3
CVE-2016-1897
FFmpeg 2.x allows remote malicious users to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.
Ffmpeg Ffmpeg 2.7.4
Ffmpeg Ffmpeg 2.7.3
Ffmpeg Ffmpeg 2.6.2
Ffmpeg Ffmpeg 2.6.1
Ffmpeg Ffmpeg 2.5.4
Ffmpeg Ffmpeg 2.5.3
Ffmpeg Ffmpeg 2.4.9
Ffmpeg Ffmpeg 2.4.8
Ffmpeg Ffmpeg 2.4
Ffmpeg Ffmpeg 2.3.6
Ffmpeg Ffmpeg 2.2.16
Ffmpeg Ffmpeg 2.2.15
Ffmpeg Ffmpeg 2.2.8
Ffmpeg Ffmpeg 2.2.7
Ffmpeg Ffmpeg 2.1.8
Ffmpeg Ffmpeg 2.1.7
Ffmpeg Ffmpeg 2.1
Ffmpeg Ffmpeg 2.0.7
Ffmpeg Ffmpeg 2.0
Ffmpeg Ffmpeg 2.8.4
Ffmpeg Ffmpeg 2.8.3
Ffmpeg Ffmpeg 2.7.2
2 Github repositories
5.5
CVSSv3
CVE-2016-1898
FFmpeg 2.x allows remote malicious users to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file.
Ffmpeg Ffmpeg 2.8.3
Ffmpeg Ffmpeg 2.8.2
Ffmpeg Ffmpeg 2.7
Ffmpeg Ffmpeg 2.6.6
Ffmpeg Ffmpeg 2.5.9
Ffmpeg Ffmpeg 2.5.8
Ffmpeg Ffmpeg 2.5.1
Ffmpeg Ffmpeg 2.5
Ffmpeg Ffmpeg 2.4.5
Ffmpeg Ffmpeg 2.4.4
Ffmpeg Ffmpeg 2.3.4
Ffmpeg Ffmpeg 2.3.3
Ffmpeg Ffmpeg 2.2.13
Ffmpeg Ffmpeg 2.2.12
Ffmpeg Ffmpeg 2.2.11
Ffmpeg Ffmpeg 2.2.4
Ffmpeg Ffmpeg 2.2.3
Ffmpeg Ffmpeg 2.1.5
Ffmpeg Ffmpeg 2.1.4
Ffmpeg Ffmpeg 2.0.4
Ffmpeg Ffmpeg 2.0.3
Ffmpeg Ffmpeg 2.8.1
1 Github repository
NA
CVE-2015-8364
Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg prior to 2.6.5, 2.7.x prior to 2.7.3, and 2.8.x up to and including 2.8.2 allows remote malicious users to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified o...
Ffmpeg Ffmpeg 2.7.1
Ffmpeg Ffmpeg 2.7.0
Ffmpeg Ffmpeg 2.8.2
Ffmpeg Ffmpeg 2.8.1
Ffmpeg Ffmpeg 2.6.4
Ffmpeg Ffmpeg 2.7.2
Ffmpeg Ffmpeg 2.8.0
Canonical Ubuntu Linux 12.04
NA
CVE-2015-8365
The smka_decode_frame function in libavcodec/smacker.c in FFmpeg prior to 2.6.5, 2.7.x prior to 2.7.3, and 2.8.x up to and including 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote malicious users to cause a denial of servic...
Canonical Ubuntu Linux 12.04
Ffmpeg Ffmpeg 2.7.1
Ffmpeg Ffmpeg 2.7.0
Ffmpeg Ffmpeg 2.8.2
Ffmpeg Ffmpeg 2.8.1
Ffmpeg Ffmpeg 2.6.4
Ffmpeg Ffmpeg 2.7.2
Ffmpeg Ffmpeg 2.8.0
NA
CVE-2015-6818
The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg prior to 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspecifi...
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 12.04
NA
CVE-2015-6820
The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg prior to 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote malicious users to cause a denial of service (out-of-bounds array ac...
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 12.04
NA
CVE-2015-6826
The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg prior to 2.7.2 does not initialize certain structure members, which allows remote malicious users to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafte...
Canonical Ubuntu Linux 12.04
Ffmpeg Ffmpeg
NA
CVE-2015-6824
The sws_init_context function in libswscale/utils.c in FFmpeg prior to 2.7.2 does not initialize certain pixbuf data structures, which allows remote malicious users to cause a denial of service (segmentation violation) or possibly have unspecified other impact via crafted video d...
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 12.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »