Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matroska vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-52339
In libebml prior to 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows.
Matroska Libebml
NA
CVE-2022-1920
Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite.
Gstreamer Project Gstreamer
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2021-38382
Live555 up to and including 1.08 does not handle Matroska and Ogg files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash.
Live555 Live555
6.8
CVSSv2
CVE-2021-3497
GStreamer prior to 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files.
Gstreamer Project Gstreamer
Redhat Enterprise Linux 7.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
6.8
CVSSv2
CVE-2021-3498
GStreamer prior to 1.18.4 might cause heap corruption when parsing certain malformed Matroska files.
Gstreamer Project Gstreamer
Redhat Enterprise Linux 7.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 8.0
4.3
CVSSv2
CVE-2021-3405
A flaw was found in libebml prior to 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.
Matroska Libebml
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Debian Debian Linux 9.0
7.1
CVSSv2
CVE-2019-9720
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.
Libav Libav
6.8
CVSSv2
CVE-2019-9719
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows malicious users to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability becaus...
Libav Libav
7.1
CVSSv2
CVE-2019-9717
In Libav 12.3, a denial of service in the subtitle decoder allows malicious users to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.
Libav Libav
7.5
CVSSv2
CVE-2019-15232
Live555 prior to 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.
Live555 Streaming Media
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »