Total
105 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-1000460 | 3 Ffmpeg, Google, Libav | 3 Ffmpeg, Chrome, Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception. | |||||
CVE-2016-9826 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
CVE-2016-9825 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
CVE-2016-9824 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
CVE-2016-9823 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
libavcodec/x86/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
CVE-2016-9822 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
CVE-2016-9821 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
CVE-2016-9820 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
CVE-2016-9819 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
CVE-2016-8676 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
The get_vlc2 function in get_bits.h in Libav 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file. NOTE: this issue exists due to an incomplete fix for CVE-2016-8675. | |||||
CVE-2016-8675 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
The get_vlc2 function in get_bits.h in Libav before 11.9 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted mp3 file, possibly related to startcode sequences during m4v detection. | |||||
CVE-2016-7499 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3 file. | |||||
CVE-2016-7477 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
The ff_put_pixels8_xy2_mmx function in rnd_template.c in Libav 11.7 allows remote attackers to cause a denial of service (invalid memory access and crash) via a crafted mp3 file. NOTE: this issue was originally reported as involving a NULL pointer dereference. | |||||
CVE-2016-7424 | 2 Debian, Libav | 2 Debian Linux, Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file. | |||||
CVE-2016-7393 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file. | |||||
CVE-2016-6832 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer resizing. | |||||
CVE-2016-3062 | 4 Debian, Ffmpeg, Libav and 1 more | 4 Debian Linux, Ffmpeg, Libav and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file. | |||||
CVE-2015-5479 | 3 Libav, Opensuse, Ubuntu | 3 Libav, Leap, Ubuntu | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions. | |||||
CVE-2015-3395 | 3 Canonical, Ffmpeg, Libav | 3 Ubuntu Linux, Ffmpeg, Libav | 2024-11-21 | 6.8 MEDIUM | N/A |
The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access. | |||||
CVE-2014-5271 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2024-11-21 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors. |