Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Matroska Subscribe
Total 15 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3405 3 Debian, Fedoraproject, Matroska 3 Debian Linux, Fedora, Libebml 2022-09-30 4.3 MEDIUM 6.5 MEDIUM
A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml.
CVE-2015-8792 2 Matroska, Opensuse 3 Libmatroska, Leap, Opensuse 2018-10-30 5.0 MEDIUM 5.3 MEDIUM
The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers an invalid memory access.
CVE-2017-12803 1 Matroska 1 Mkclean 2017-11-28 4.3 MEDIUM 6.5 MEDIUM
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
CVE-2017-12779 1 Matroska 1 Mkvalidator 2017-11-28 4.3 MEDIUM 6.5 MEDIUM
The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
CVE-2017-12802 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2017-11-27 4.3 MEDIUM 6.5 MEDIUM
The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
CVE-2017-12800 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2017-11-22 4.3 MEDIUM 6.5 MEDIUM
The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
CVE-2017-12801 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2017-11-22 4.3 MEDIUM 6.5 MEDIUM
The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
CVE-2017-12781 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2017-11-22 4.3 MEDIUM 6.5 MEDIUM
The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dereference and application crash) via a crafted mkv file.
CVE-2017-12780 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2017-11-22 4.3 MEDIUM 6.5 MEDIUM
The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted mkv file.
CVE-2017-12782 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2017-11-22 4.3 MEDIUM 6.5 MEDIUM
The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
CVE-2017-12783 1 Matroska 3 Libebml2, Mkclean, Mkvalidator 2017-11-22 4.3 MEDIUM 6.5 MEDIUM
The ReadDataFloat function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
CVE-2008-1161 1 Matroska 1 Demuxer 2017-08-07 9.3 HIGH N/A
Buffer overflow in the Matroska demuxer (demuxers/demux_matroska.c) in xine-lib before 1.1.10.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Matroska file with invalid frame sizes.
CVE-2015-8790 1 Matroska 1 Libebml 2017-01-19 4.3 MEDIUM 4.3 MEDIUM
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which triggers an invalid memory access.
CVE-2015-8789 1 Matroska 1 Libebml 2017-01-19 9.3 HIGH 9.6 CRITICAL
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document.
CVE-2015-8791 1 Matroska 1 Libebml 2016-12-02 4.3 MEDIUM 4.3 MEDIUM
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML id, which triggers an invalid memory access.