Astra Linux - уязвимость в libvpx

There are integer overflows in the libvpx library in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may lead to integer overflows in the calculations of buffer sizes and offsets, and some fields of the returned vpximaget struct may become invali...

RLSA-2023:5537 Important: libvpx security update

The libvpx packages provide the VP8 SDK, which allows the encoding and decoding of the VP8 video codec, commonly used with the WebM multimedia container file format. Security Fixes: libvpx: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 libvpx: crash related to VP9 encoding in libvp...

libvpx security update

An update is available for libvpx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvpx packages provide the VP8 SDK, which allows the encoding and decodi...

UBUNTU-CVE-2026-2447

Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2...

libvpx: Integer overflow in vpx_img_alloc()

A flaw was found in libvpx. When creating images, libvpx trusts the width, height, and alignment of the user input. However, it does not properly validate the provided values. This flaw allows an attacker to craft user inputs or trick the user into opening crafted files, where these types of valu...

Debian dsa-5753 : aom-tools - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5753 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5753-1 [email protected] https://www.debian.org/security/ Moritz...

libvpx: Heap buffer overflow in vp8 encoding in libvpx

A heap-based buffer overflow flaw was found in the way libvpx, a library used to process VP8 and VP9 video codecs data, processes certain specially formatted video data via a crafted HTML page. This flaw allows an attacker to crash or remotely execute arbitrary code in an application, such as a w...

DEBIAN-CVE-2023-44488

VP9 in libvpx before 1.13.1 mishandles widths, leading to a crash related to encoding...

CVE-2019-9338

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111762686...

CVE-2017-13186

A vulnerability in the Android media framework libavc related to incorrect use of mmco parameters. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-65735716...

Google Android Media framework (libavc) Denial of Service Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. media framework libavc is one of the frameworks used for multimedia development. A denial of service vulnerability exists in Media framework libavc in Android. A remote attacker ca...

UBUNTU-CVE-2014-8542

libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted JV data...