CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-6879 – heap buffer overflow in libaom
https://notcve.org/view.php?id=CVE-2023-6879
27 Dec 2023 — Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc(). Aumentar la resolución de los fotogramas de vídeo, mientras se realiza una codificación multiproceso, puede provocar un desbordamiento del montón en av1_loop_restoration_dealloc(). • https://aomedia.googlesource.com/aom/+/refs/tags/v3.7.1 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39616
https://notcve.org/view.php?id=CVE-2023-39616
29 Aug 2023 — AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h. Se ha descubierto que AOMedia v3.0.0 a v3.5.0 contiene un acceso no válido a la memoria de lectura a través del componente "assign_frame_buffer_p in av1/common/av1_common_int.h. ". • https://bugs.chromium.org/p/aomedia/issues/detail?id=3372#c3 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36130 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36130
02 Dec 2021 — AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1_dx_iface.c. Se ha detectado que AOM versión v2.0.1, contiene una desreferencia de puntero NULL por medio del componente av1/av1_dx_iface.c Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2905&q=&can=1 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36129 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36129
02 Dec 2021 — AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. Se ha detectado que AOM versión v2.0.1, contiene un desbordamiento del búfer de la pila por medio del componente src/aom_image.c Multiple vulnerabilities have been discovered in libaom, the worst of which can lead to remote code execution. Versions greater than or equal to 3.2.0 are affected. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2912&q=&can=1 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36133 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36133
02 Dec 2021 — AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h. Se ha detectado que AOM versión v2.0.1, contiene un desbordamiento de búfer global por medio del componente av1/encoder/partition_search.h Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2913&q=&can=1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36135 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36135
02 Dec 2021 — AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component rate_hist.c. Se ha detectado que AOM versión v2.0.1, contiene una desreferencia de puntero NULL por medio del componente rate_hist.c Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2910&q=&can=1 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36134 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36134
02 Dec 2021 — AOM v2.0.1 was discovered to contain a segmentation violation via the component aom_dsp/x86/obmc_sad_avx2.c. Se ha detectado que AOM versión v2.0.1, contiene una violación de segmentación por medio del componente aom_dsp/x86/obmc_sad_avx2.c Multiple vulnerabilities have been discovered in libaom, the worst of which can lead to remote code execution. Versions greater than or equal to 3.2.0 are affected. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2914 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36131 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36131
02 Dec 2021 — AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c. Se ha detectado que AOM versión v2.0.1, contenía un desbordamiento del búfer de la pila por medio del componente stats/rate_hist.c Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2911&q=&can=1 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-30475 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2021-30475
04 Jun 2021 — aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. El archivo aom_dsp/noise_model.c en libaom en AOMedia versiones anteriores al 24-03-2021, presenta un desbordamiento del búfer Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://aomedia.googlesource.com/aom/+/12adc723acf02633595a4d8da8345742729f46c0 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-30474 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2021-30474
02 Jun 2021 — aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. El archivo aom_dsp/grain_table.c en la función libaom en AOMedia hasta el 30-03-2021, presenta un uso de la memoria previamente liberada Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e • CWE-416: Use After Free •