Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav libav vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-9051
libav prior to 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.
Libav Libav
8.8
CVSSv3
CVE-2014-4609
Integer overflow in the get_len function in libavutil/lzo.c in Libav prior to 0.8.13, 9.x prior to 9.14, and 10.x prior to 10.2 allows remote malicious users to execute arbitrary code via a crafted Literal Run.
Libav Libav
8.8
CVSSv3
CVE-2019-9719
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability becaus...
Libav Libav
8.8
CVSSv3
CVE-2018-5766
In Libav up to and including 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.
Libav Libav
8.8
CVSSv3
CVE-2018-5684
In Libav up to and including 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file.
Libav Libav
8.8
CVSSv3
CVE-2017-17129
The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote malicious users to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
Libav Libav 12.2
8.8
CVSSv3
CVE-2017-17130
The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to vc1_decode_i_blocks...
Libav Libav 12.2
8.8
CVSSv3
CVE-2016-3062
The mov_read_dref function in libavformat/mov.c in Libav prior to 11.7 and FFmpeg prior to 0.11 allows remote malicious users to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
Libav Libav
Ffmpeg Ffmpeg
Debian Debian Linux
Opensuse Leap 42.1
8.8
CVSSv3
CVE-2016-2326
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg prior to 2.8.5 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.04
Ffmpeg Ffmpeg
8.8
CVSSv3
CVE-2016-2330
libavcodec/gif.c in FFmpeg prior to 2.8.6 does not properly calculate a buffer size, which allows remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_ima...
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 12.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »