Skip to main content

Aomedia

5 CVEs product

Monthly

CVE-2023-6879 CRITICAL POC PATCH Act Now

Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Aomedia Fedora
NVD VulDB
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-39616 HIGH PATCH This Week

AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Aomedia
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2021-30475 CRITICAL PATCH Act Now

aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aomedia Fedora
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2021-30474 CRITICAL PATCH Act Now

aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Aomedia
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-30473 CRITICAL PATCH Act Now

aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Aomedia Fedora
NVD
CVSS 3.1
9.8
EPSS
2.1%
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Aomedia Fedora
NVD VulDB
EPSS 1% CVSS 7.5
HIGH PATCH This Week

AOMedia v3.0.0 to v3.5.0 was discovered to contain an invalid read memory access via the component assign_frame_buffer_p in av1/common/av1_common_int.h. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Aomedia
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aomedia Fedora
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use-after-free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure +1
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Aomedia Fedora
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy