Matroska Org
Products
4- 9 CVEs
- 3 CVEs
- 1 CVE
- 1 CVE
Recent CVEs
14| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-8789 | Cri | 0.62 | 9.6 | 0.00 | Jan 29, 2016 | Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document. | ||
| CVE-2017-12803 | Med | 0.42 | 6.5 | 0.01 | Nov 10, 2017 | The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | ||
| CVE-2017-12802 | Med | 0.42 | 6.5 | 0.01 | Nov 10, 2017 | The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | ||
| CVE-2017-12801 | Med | 0.42 | 6.5 | 0.01 | Nov 10, 2017 | The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | ||
| CVE-2017-12800 | Med | 0.42 | 6.5 | 0.01 | Nov 10, 2017 | The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | ||
| CVE-2017-12783 | Med | 0.42 | 6.5 | 0.01 | Nov 10, 2017 | The ReadDataFloat function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | ||
| CVE-2017-12782 | Med | 0.42 | 6.5 | 0.01 | Nov 10, 2017 | The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file. | ||
| CVE-2017-12781 | Med | 0.42 | 6.5 | 0.01 | Nov 10, 2017 | The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | ||
| CVE-2017-12780 | Med | 0.42 | 6.5 | 0.01 | Nov 10, 2017 | The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted mkv file. | ||
| CVE-2017-12779 | Med | 0.42 | 6.5 | 0.00 | Nov 10, 2017 | The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file. | ||
| CVE-2015-8792 | Med | 0.34 | 5.3 | 0.00 | Jan 29, 2016 | The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access. | ||
| CVE-2015-8791 | Med | 0.28 | 4.3 | 0.00 | Jan 29, 2016 | The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access. | ||
| CVE-2015-8790 | Med | 0.28 | 4.3 | 0.01 | Jan 29, 2016 | The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access. | ||
| CVE-2008-1161 | 0.01 | — | 0.09 | Mar 10, 2008 | Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib before 1.1.10.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes. |
- risk 0.62cvss 9.6epss 0.00
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.
- risk 0.42cvss 6.5epss 0.01
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
- risk 0.42cvss 6.5epss 0.01
The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
- risk 0.42cvss 6.5epss 0.01
The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
- risk 0.42cvss 6.5epss 0.01
The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
- risk 0.42cvss 6.5epss 0.01
The ReadDataFloat function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
- risk 0.42cvss 6.5epss 0.01
The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
- risk 0.42cvss 6.5epss 0.01
The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
- risk 0.42cvss 6.5epss 0.01
The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted mkv file.
- risk 0.42cvss 6.5epss 0.00
The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
- risk 0.34cvss 5.3epss 0.00
The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
- risk 0.28cvss 4.3epss 0.00
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.
- risk 0.28cvss 4.3epss 0.01
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
- CVE-2008-1161Mar 10, 2008risk 0.01cvss —epss 0.09
Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib before 1.1.10.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.