Vulnerabilities > Libav > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-01 CVE-2016-9824 Integer Overflow or Wraparound vulnerability in Libav 11.8
Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file.
network
libav CWE-190
4.3
2017-03-01 CVE-2016-9823 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 11.8
libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file.
network
libav CWE-119
4.3
2017-03-01 CVE-2016-9822 Integer Overflow or Wraparound vulnerability in Libav 11.8
Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file.
network
libav CWE-190
4.3
2017-03-01 CVE-2016-9821 Integer Overflow or Wraparound vulnerability in Libav 11.8
Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file.
network
libav CWE-190
4.3
2017-03-01 CVE-2016-9820 Numeric Errors vulnerability in Libav 11.8
libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
network
libav CWE-189
4.3
2017-03-01 CVE-2016-9819 Numeric Errors vulnerability in Libav 11.8
libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
network
libav CWE-189
4.3
2017-02-15 CVE-2016-8676 NULL Pointer Dereference vulnerability in Libav
The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file.
network
libav CWE-476
4.3
2017-02-15 CVE-2016-8675 NULL Pointer Dereference vulnerability in Libav
The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcode sequences during m4v detection.
network
libav CWE-476
4.3
2017-02-15 CVE-2016-7499 Divide By Zero vulnerability in Libav 11.7
The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file.
local
low complexity
libav CWE-369
5.5
2017-02-15 CVE-2016-7477 NULL Pointer Dereference vulnerability in Libav 11.7
The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted mp3 file.
network
libav CWE-476
4.3