In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_p_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file.
Max CVSS
6.5
EPSS Score
0.11%
Published
2021-08-23
Updated
2022-09-20
In Libav 12.3, there is a segmentation fault in vc1_decode_b_mb_intfr in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file.
Max CVSS
6.5
EPSS Score
0.07%
Published
2021-08-23
Updated
2021-08-31
In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_b_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file.
Max CVSS
6.5
EPSS Score
0.11%
Published
2021-08-23
Updated
2022-09-20
An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
Max CVSS
6.5
EPSS Score
0.12%
Published
2019-07-30
Updated
2023-03-03
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a crafted file.
Max CVSS
7.1
EPSS Score
0.09%
Published
2019-07-30
Updated
2023-03-03
An issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. This is related to ff_mpa_synth_filter_float in avcodec/mpegaudiodsp_template.c. NOTE: This may be a duplicate of CVE-2018-19129
Max CVSS
6.5
EPSS Score
0.10%
Published
2019-07-30
Updated
2024-03-21
In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c.
Max CVSS
6.5
EPSS Score
0.09%
Published
2019-07-28
Updated
2023-03-06
An issue was discovered in Libav 12.3. There is an infinite loop in the function mov_probe in the file libavformat/mov.c, related to offset and tag.
Max CVSS
6.5
EPSS Score
0.08%
Published
2019-07-28
Updated
2020-08-24
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.
Max CVSS
7.1
EPSS Score
0.13%
Published
2019-09-19
Updated
2021-07-21
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a vulnerability is provided” and only “a generic warning from a static code analysis” is provided
Max CVSS
8.8
EPSS Score
0.56%
Published
2019-09-19
Updated
2024-03-21
In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.
Max CVSS
7.1
EPSS Score
0.10%
Published
2019-09-19
Updated
2021-07-21
In Libav 12.3, there is a floating point exception in the range_decode_culshift function (called from range_decode_bits) in libavcodec/apedec.c that will lead to remote denial of service via crafted input.
Max CVSS
6.5
EPSS Score
0.12%
Published
2018-12-10
Updated
2019-01-03
In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of CVE-2017-17127
Max CVSS
6.5
EPSS Score
0.09%
Published
2018-11-09
Updated
2024-03-21
In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ff_mpa_synth_filter_float in libavcodec/mpegaudiodsp_template.c can cause a segmentation fault (application crash) via a crafted mov file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2018-11-09
Updated
2018-12-12
In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.
Max CVSS
6.5
EPSS Score
0.09%
Published
2018-11-09
Updated
2019-12-05
There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2018-10-30
Updated
2018-12-06
There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
Max CVSS
6.5
EPSS Score
0.10%
Published
2018-10-30
Updated
2020-08-24
There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2018-10-30
Updated
2018-12-06
There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
Max CVSS
6.5
EPSS Score
0.10%
Published
2018-10-30
Updated
2020-08-24
An issue was discovered in Libav 12.3. A read access violation in the in_table_init16 function in libavcodec/aacsbr.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
Max CVSS
6.5
EPSS Score
0.09%
Published
2018-05-17
Updated
2018-06-25
An issue was discovered in Libav 12.3. A read access violation in the mov_probe function in libavformat/mov.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
Max CVSS
7.5
EPSS Score
0.79%
Published
2018-05-15
Updated
2019-09-02
In Libav through 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) via a crafted avi file.
Max CVSS
8.8
EPSS Score
0.78%
Published
2018-01-18
Updated
2019-09-02
In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file.
Max CVSS
8.8
EPSS Score
0.44%
Published
2018-01-14
Updated
2018-02-02
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
Max CVSS
6.5
EPSS Score
0.18%
Published
2018-01-03
Updated
2019-03-31
The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.
Max CVSS
6.5
EPSS Score
0.11%
Published
2018-03-23
Updated
2018-04-13
87 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!