Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-9051
libav prior to 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.
Libav Libav
8.8
CVSSv3
CVE-2014-4609
Integer overflow in the get_len function in libavutil/lzo.c in Libav prior to 0.8.13, 9.x prior to 9.14, and 10.x prior to 10.2 allows remote malicious users to execute arbitrary code via a crafted Literal Run.
Libav Libav
8.8
CVSSv3
CVE-2019-9719
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability becaus...
Libav Libav
8.8
CVSSv3
CVE-2018-5766
In Libav up to and including 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.
Libav Libav
8.8
CVSSv3
CVE-2018-5684
In Libav up to and including 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file.
Libav Libav
8.8
CVSSv3
CVE-2017-17129
The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote malicious users to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
Libav Libav 12.2
8.8
CVSSv3
CVE-2017-17130
The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to vc1_decode_i_blocks...
Libav Libav 12.2
8.8
CVSSv3
CVE-2016-3062
The mov_read_dref function in libavformat/mov.c in Libav prior to 11.7 and FFmpeg prior to 0.11 allows remote malicious users to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
Libav Libav
Ffmpeg Ffmpeg
Debian Debian Linux
Opensuse Leap 42.1
8.8
CVSSv3
CVE-2016-2330
libavcodec/gif.c in FFmpeg prior to 2.8.6 does not properly calculate a buffer size, which allows remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_ima...
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 12.04
8.8
CVSSv3
CVE-2016-2326
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg prior to 2.8.5 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.04
Ffmpeg Ffmpeg
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »