Vulnerabilities > Libav

DATE CVE VULNERABILITY TITLE RISK
2018-10-30 CVE-2018-18826 Out-of-bounds Write vulnerability in Libav 12.3
There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.
network
libav CWE-787
4.3
2018-05-17 CVE-2018-11224 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.3
An issue was discovered in Libav 12.3.
network
libav CWE-119
4.3
2018-05-15 CVE-2018-11102 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.3
An issue was discovered in Libav 12.3.
network
low complexity
libav CWE-119
5.0
2018-03-23 CVE-2017-18247 NULL Pointer Dereference vulnerability in Libav 12.2
The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.
network
libav CWE-476
4.3
2018-03-23 CVE-2017-18246 Out-of-bounds Read vulnerability in Libav 12.2
The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file.
network
libav CWE-125
4.3
2018-03-23 CVE-2017-18245 Out-of-bounds Read vulnerability in Libav 12.2
The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file.
network
libav CWE-125
4.3
2018-03-22 CVE-2017-18244 Out-of-bounds Read vulnerability in Libav 12.2
The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply.
network
libav CWE-125
4.3
2018-03-22 CVE-2017-18243 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.2
The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file.
network
libav CWE-119
4.3
2018-03-22 CVE-2017-18242 Out-of-bounds Read vulnerability in Libav 12.2
The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.
network
libav CWE-125
4.3
2018-01-18 CVE-2018-5766 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav
In Libav through 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c.
network
libav CWE-119
6.8