Vulnerabilities (CVE)

Filtered by vendor Ffmpeg Subscribe
Total 430 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-8541 2 Canonical, Ffmpeg 2 Ubuntu Linux, Ffmpeg 2024-11-21 7.5 HIGH N/A
libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MJPEG data.
CVE-2014-7937 2 Ffmpeg, Google 2 Ffmpeg, Chrome 2024-11-21 7.5 HIGH N/A
Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted Vorbis I data.
CVE-2014-7933 2 Ffmpeg, Google 2 Ffmpeg, Chrome 2024-11-21 7.5 HIGH N/A
Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data.
CVE-2014-5272 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM N/A
libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats.
CVE-2014-5271 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2024-11-21 7.5 HIGH N/A
Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.
CVE-2014-4610 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.4 allows remote attackers to execute arbitrary code via a crafted Literal Run.
CVE-2014-2263 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM N/A
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger an out-of-bounds write.
CVE-2014-2099 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM N/A
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Microsoft RLE video data.
CVE-2014-2098 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM N/A
libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data.
CVE-2014-2097 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM N/A
The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data.
CVE-2014-125025 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125024 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 7.3 HIGH
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125023 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125022 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125021 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125020 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 7.3 HIGH
A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125019 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125018 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
CVE-2014-125017 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 7.3 HIGH
A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue.
CVE-2014-125016 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.