Lucene search
K

42 matches found

OSV
OSV
added 2022/11/08 11:30 a.m.10 views

SUSE-SU-2022:3906-1 Security update for gstreamer-0_10-plugins-good

This update for gstreamer-010-plugins-good fixes the following issues: - CVE-2022-1920: Fixed an integer overflow while parsing matroska files bsc1201688. - CVE-2022-1921: Fixed an integer overflow while parsing avi files bsc1201693. - CVE-2022-1922: Fixed an integer overflow during mkv demuxing...

7.8CVSS7.9AI score0.00465EPSS
Exploits7References15
RedhatCVE
RedhatCVE
added 2022/09/29 2:19 p.m.19 views

CVE-2022-1920

A flaw was found in GStreamer. An integer overflow can lead to a heap-based buffer overflow in the mkv demuxer when processing a specially crafted Matroska file. This vulnerability can result in application crash, memory corruption, and code execution...

7.8CVSS7.6AI score0.00465EPSS
Exploits1References4
Prion
Prion
added 2021/04/19 9:15 p.m.20 views

Heap overflow

GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files...

6.8CVSS7.8AI score0.0177EPSS
Exploits0References5Affected Software3
Debian CVE
Debian CVE
added 2021/04/19 8:22 p.m.26 views

CVE-2021-3497

GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files...

7.8CVSS7.8AI score0.01219EPSS
Exploits0
CNVD
CNVD
added 2021/01/12 12:0 a.m.5 views

VideoLAN VLC media player buffer overflow vulnerability (CNVD-2021-03027)

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by Videolan France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A buffer overflo...

7.8CVSS7.2AI score0.01538EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/01/08 12:0 a.m.9 views

VideoLAN VLC media player 缓冲区错误漏洞

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by Videolan France. The product supports the playback of a variety of media files, CD-ROMs, etc., a variety of audio and video formats WMV, MP3, etc. and so on. A buffer overflo...

7.8CVSS7.3AI score0.01538EPSS
Exploits1References10
NVD
NVD
added 2019/08/20 12:15 a.m.24 views

CVE-2019-15232

Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors...

9.8CVSS9.5AI score0.01716EPSS
Exploits0References2
OSV
OSV
added 2019/03/12 9:29 a.m.2 views

DEBIAN-CVE-2019-9721

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

6.5CVSS6.4AI score0.01423EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2018/11/21 12:0 a.m.22 views

openSUSE Security Update : libmatroska / mkvtoolnix (openSUSE-2018-1432)

This update for libmatroska, mkvtoolnix fixes the following issues : Security issue fixed : - CVE-2018-4022: Fixed use-after-free vulnerability that existed in the way MKV matroska file format was handled bsc1113709. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

7.8CVSS7.2AI score0.01522EPSS
Exploits1References2
NVD
NVD
added 2018/10/26 5:29 p.m.11 views

CVE-2018-4022

A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV matroska file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user...

7.8CVSS7.6AI score0.01522EPSS
Exploits1References1
Talos
Talos
added 2018/10/26 12:0 a.m.513 views

MKVToolNix MKVINFO read_one_element code execution vulnerability

Summary A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV matroska file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user. Tested Versions MKVToolNix mkvinfo v25.0.0 ‘Prog Noir’ 64-bit Product URLs...

7.8CVSS7.5AI score0.01522EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2017/11/10 2:29 a.m.2 views

CVE-2017-12801

The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service assert fault via a crafted mkv file...

6.5CVSS5.5AI score0.02415EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2017/11/10 2:29 a.m.2 views

CVE-2017-12781

The EBMLBufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service Null pointer dereference and application crash via a crafted mkv file...

6.5CVSS5.5AI score0.02415EPSS
Exploits1References4
CNVD
CNVD
added 2017/11/08 12:0 a.m.3 views

libebml2 'ReadDataFloat' Function Denial of Service Vulnerability

libebml2 is an open source EBML parser written in C . A security vulnerability exists in the 'ReadDataFloat' function in the ebmlnumber.c file in libebml2 2012-08-26 and earlier versions. A remote attacker can exploit this vulnerability to cause a denial of service with the help of a specially...

6.5CVSS6.8AI score0.02415EPSS
Exploits1References1
CNVD
CNVD
added 2017/11/08 12:0 a.m.6 views

mkvalidator 'Node_GetData' Function Denial of Service Vulnerability

mkvalidator is a command line tool from the Matroska team for verifying that Matroska and WebM files are canonical. A security vulnerability exists in the 'NodeGetData' function in the corec/corec/node/node.c file in mkvalidator version 0.5.1. A remote attacker can exploit this vulnerability to...

6.5CVSS6.9AI score0.02241EPSS
Exploits0References1
CNVD
CNVD
added 2017/11/08 12:0 a.m.5 views

libebml2 EBML_FindNextElement Function Denial of Service Vulnerability

libebml2 is a mkv file parsing library for analyzing or parsing mkv files for playback. A denial of service vulnerability exists in the EBMLFindNextElement function in libebml2 2012-08-26 and earlier ebmlmain.c. The vulnerability can be exploited to cause a denial of service null pointer...

6.5CVSS6.8AI score0.02415EPSS
Exploits1References1
NVD
NVD
added 2015/01/22 10:59 p.m.18 views

CVE-2014-7933

Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...

7.5CVSS7AI score0.02803EPSS
Exploits0References12
OSV
OSV
added 2015/01/22 10:59 p.m.2 views

DEBIAN-CVE-2014-7933

Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...

7.5CVSS9.3AI score0.02803EPSS
Exploits0References1
OSV
OSV
added 2015/01/22 10:59 p.m.6 views

CVE-2014-7933

Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...

9.5AI score0.02803EPSS
Exploits0References12
OSV
OSV
added 2015/01/22 12:0 a.m.3 views

UBUNTU-CVE-2014-7933

Use-after-free vulnerability in the matroskareadseek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers...

7.5CVSS7.4AI score0.02803EPSS
Exploits0References5
Rows per page
Query Builder