In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
Max CVSS
6.5
EPSS Score
0.18%
Published
2018-01-03
Updated
2019-03-31
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site.
Max CVSS
9.3
EPSS Score
1.68%
Published
2018-01-09
Updated
2018-02-02
2 vulnerabilities found