Total
429 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-3417 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 6.8 MEDIUM | N/A |
| Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VIDEO element that references H.264 data. | |||||
| CVE-2015-3395 | 3 Canonical, Ffmpeg, Libav | 3 Ubuntu Linux, Ffmpeg, Libav | 2024-11-21 | 6.8 MEDIUM | N/A |
| The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access. | |||||
| CVE-2015-1872 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2024-11-21 | 6.8 MEDIUM | N/A |
| The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Motion JPEG data. | |||||
| CVE-2015-1208 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file. | |||||
| CVE-2014-9676 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 6.8 MEDIUM | N/A |
| The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free. | |||||
| CVE-2014-9604 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions. | |||||
| CVE-2014-9603 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does not validate the relationship between a certain length value and the frame width, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Sierra VMD video data. | |||||
| CVE-2014-9602 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical relationship, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted X-Face image data. | |||||
| CVE-2014-9319 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 5.0 MEDIUM | N/A |
| The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted .bit file. | |||||
| CVE-2014-9318 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via a crafted .cine file that triggers the avpicture_get_size function to return a negative frame size. | |||||
| CVE-2014-9317 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file. | |||||
| CVE-2014-9316 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via vectors related to LJIF tags in an MJPEG file. | |||||
| CVE-2014-8549 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted On2 data. | |||||
| CVE-2014-8548 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data. | |||||
| CVE-2014-8547 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data. | |||||
| CVE-2014-8546 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Cinepak video data. | |||||
| CVE-2014-8545 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data. | |||||
| CVE-2014-8544 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data. | |||||
| CVE-2014-8543 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data. | |||||
| CVE-2014-8542 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2024-11-21 | 7.5 HIGH | N/A |
| libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data. | |||||