Vulnerabilities > Libav

DATE CVE VULNERABILITY TITLE RISK
2020-01-14 CVE-2014-4609 Integer Overflow OR Wraparound vulnerability in Libav
Integer overflow in the get_len function in libavutil/lzo.c in Libav before 0.8.13, 9.x before 9.14, and 10.x before 10.2 allows remote attackers to execute arbitrary code via a crafted Literal Run.
network
libav CWE-190
6.8
2019-09-19 CVE-2019-9720 Classic Buffer Overflow vulnerability in Libav
A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.
network
libav CWE-120
7.1
2019-09-19 CVE-2019-9719 Classic Buffer Overflow vulnerability in Libav
** DISPUTED ** A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.
network
libav CWE-120
6.8
2019-09-19 CVE-2019-9717 Improper Input Validation vulnerability in Libav
In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.
network
libav CWE-20
7.1
2019-07-30 CVE-2019-14443 Divide BY Zero vulnerability in Libav 12.3
An issue was discovered in Libav 12.3.
network
libav CWE-369
4.3
2019-07-30 CVE-2019-14442 Infinite Loop vulnerability in Libav 12.3
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption.
network
libav CWE-835
7.1
2019-07-30 CVE-2019-14441 Unspecified vulnerability in Libav 12.3
** DISPUTED ** An issue was discovered in Libav 12.3.
network
libav
4.3
2019-07-28 CVE-2019-14372 Infinite Loop vulnerability in Libav 12.3
In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c.
network
libav CWE-835
4.3
2019-07-28 CVE-2019-14371 Infinite Loop vulnerability in Libav 12.3
An issue was discovered in Libav 12.3.
network
libav CWE-835
4.3
2019-05-22 CVE-2017-5984 Out-Of-Bounds Read vulnerability in Libav 9.21
In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.
network
libav CWE-125
4.3