cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-1580,https://securityvulnerability.io/vulnerability/CVE-2024-1580,Memory Corruption in dav1d AV1 Decoder Due to Integer Overflow,"An integer overflow vulnerability present in the dav1d AV1 decoder can arise when decoding videos with large frame sizes, potentially resulting in memory corruption within the decoder. This flaw poses a significant risk as it may disrupt normal operations of the affected software and compromise system integrity. Users are strongly advised to upgrade to versions beyond 1.4.0 to mitigate the risks associated with this vulnerability.",Videolan,Dav1d,8.8,HIGH,0.0028800000436604023,false,,true,false,true,2024-03-26T20:42:26.000Z,,true,false,,2024-02-19T10:34:55.113Z,3420
CVE-2023-32570,https://securityvulnerability.io/vulnerability/CVE-2023-32570,Race Condition in VideoLAN's Dav1d Library Could Cause Application Crashes,"A race condition vulnerability in the VideoLAN dav1d library prior to version 1.2.0 can lead to an unexpected application crash. This issue, specifically found in the thread_task.c file, relates to the dav1d_decode_frame_exit function. When multiple threads attempt to access shared resources concurrently, it may result in inconsistent states that compromise application stability. It's crucial for users to upgrade to version 1.2.0 or later to mitigate this risk and ensure reliable functionality.",Videolan,Dav1d,5.9,MEDIUM,0.0018899999558925629,false,,false,false,false,,,false,false,,2023-05-10T05:15:00.000Z,0