Vulnerabilities (CVE)

Filtered by vendor Libav Subscribe
Filtered by product Libav
Total 105 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-18826 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
CVE-2018-11224 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Libav 12.3. A read access violation in the in_table_init16 function in libavcodec/aacsbr.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
CVE-2018-11102 1 Libav 1 Libav 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Libav 12.3. A read access violation in the mov_probe function in libavformat/mov.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.
CVE-2017-9987 1 Libav 1 Libav 2024-11-21 5.0 MEDIUM 7.5 HIGH
There is a heap-based buffer overflow in the function hpel_motion in mpegvideo_motion.c in libav 12.1. A crafted input can lead to a remote denial of service attack.
CVE-2017-9051 1 Libav 1 Libav 2024-11-21 7.5 HIGH 9.8 CRITICAL
libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.
CVE-2017-7208 1 Libav 1 Libav 2024-11-21 5.8 MEDIUM 7.1 HIGH
The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
CVE-2017-7206 1 Libav 1 Libav 2024-11-21 5.8 MEDIUM 7.1 HIGH
The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file.
CVE-2017-5984 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.
CVE-2017-18247 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.
CVE-2017-18246 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file.
CVE-2017-18245 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file.
CVE-2017-18244 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply.
CVE-2017-18243 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file.
CVE-2017-18242 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.
CVE-2017-17130 1 Libav 1 Libav 2024-11-21 6.8 MEDIUM 8.8 HIGH
The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to vc1_decode_i_blocks_adv.
CVE-2017-17129 1 Libav 1 Libav 2024-11-21 6.8 MEDIUM 8.8 HIGH
The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
CVE-2017-17128 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted file.
CVE-2017-17127 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.
CVE-2017-16803 1 Libav 1 Libav 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream.
CVE-2017-11684 1 Libav 1 Libav 2024-11-21 5.0 MEDIUM 7.5 HIGH
There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input.