Vulnerabilities > Libav
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-14 | CVE-2018-5684 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. | 6.8 |
| 2018-01-03 | CVE-2017-1000460 | NULL Pointer Dereference vulnerability in multiple products In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception. | 4.3 |
| 2017-12-04 | CVE-2017-17130 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.2 The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to vc1_decode_i_blocks_adv. | 6.8 |
| 2017-12-04 | CVE-2017-17129 | NULL Pointer Dereference vulnerability in Libav 12.2 The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file. | 6.8 |
| 2017-12-04 | CVE-2017-17128 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.2 The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted file. | 4.3 |
| 2017-12-04 | CVE-2017-17127 | NULL Pointer Dereference vulnerability in Libav 12.2 The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | 4.3 |
| 2017-11-13 | CVE-2017-16803 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream. | 5.0 |
| 2017-07-27 | CVE-2017-11684 | Unspecified vulnerability in Libav 12.1 There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input. | 5.0 |
| 2017-06-28 | CVE-2017-9987 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.1 There is a heap-based buffer overflow in the function hpel_motion in mpegvideo_motion.c in libav 12.1. | 5.0 |
| 2017-05-18 | CVE-2017-9051 | NULL Pointer Dereference vulnerability in Libav libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c. | 7.5 |