
CVE-2023-6879 – heap buffer overflow in libaom
https://notcve.org/view.php?id=CVE-2023-6879
27 Dec 2023 — Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc(). • https://aomedia.googlesource.com/aom/+/refs/tags/v3.7.1 • CWE-20: Improper Input Validation • CWE-787: Out-of-bounds Write

CVE-2020-36130 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36130
02 Dec 2021 — AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1_dx_iface.c. Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2905&q=&can=1 • CWE-476: NULL Pointer Dereference

CVE-2020-36131 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36131
02 Dec 2021 — AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c. Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2911&q=&can=1 • CWE-787: Out-of-bounds Write

CVE-2020-36133 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36133
02 Dec 2021 — AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h. Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2913&q=&can=1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-36135 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36135
02 Dec 2021 — AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component rate_hist.c. Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2910&q=&can=1 • CWE-476: NULL Pointer Dereference

CVE-2020-36129 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36129
02 Dec 2021 — AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. Multiple vulnerabilities have been discovered in libaom, the worst of which can lead to remote code execution. Versions greater than or equal to 3.2.0 are affected. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2912&q=&can=1 • CWE-787: Out-of-bounds Write

CVE-2020-36134 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2020-36134
02 Dec 2021 — AOM v2.0.1 was discovered to contain a segmentation violation via the component aom_dsp/x86/obmc_sad_avx2.c. Multiple vulnerabilities have been discovered in libaom, the worst of which can lead to remote code execution. Versions greater than or equal to 3.2.0 are affected. • https://bugs.chromium.org/p/aomedia/issues/detail?id=2914 • CWE-125: Out-of-bounds Read

CVE-2021-30475 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2021-30475
04 Jun 2021 — aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://aomedia.googlesource.com/aom/+/12adc723acf02633595a4d8da8345742729f46c0 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2021-30474 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2021-30474
02 Jun 2021 — aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e • CWE-416: Use After Free

CVE-2021-30473 – Gentoo Linux Security Advisory 202401-32
https://notcve.org/view.php?id=CVE-2021-30473
06 May 2021 — aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed. • https://aomedia.googlesource.com/aom/+/4efe20e99dcd9b6f8eadc8de8acc825be7416578 • CWE-763: Release of Invalid Pointer or Reference