Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

141 – 150 of 479 results

CVE-2019-11339

Medium priority
Fixed

The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via...

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected
Show less packages

CVE-2019-11338

Low priority

Some fixes available 3 of 4

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly...

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Fixed Fixed
Show less packages

CVE-2019-9721

Medium priority
Fixed

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Fixed Not affected
Show less packages

CVE-2019-9718

Medium priority
Fixed

In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format...

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Fixed Not affected
Show less packages

CVE-2019-1000016

Medium priority
Fixed

FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be...

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected
Show less packages

CVE-2018-18829

Medium priority
Needs evaluation

There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.

5 affected packages

ffmpeg, gst-libav1.0, libav, qtwebengine-opensource-src, vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release Not in release
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
vlc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2018-18828

Medium priority
Needs evaluation

There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.

5 affected packages

ffmpeg, gst-libav1.0, libav, qtwebengine-opensource-src, vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release Not in release
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
vlc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2018-18827

Medium priority
Needs evaluation

There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.

5 affected packages

ffmpeg, gst-libav1.0, libav, qtwebengine-opensource-src, vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release Not in release
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
vlc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2018-18826

Medium priority
Needs evaluation

There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file.

5 affected packages

ffmpeg, gst-libav1.0, libav, qtwebengine-opensource-src, vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release Not in release
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
vlc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2018-15822

Low priority
Fixed

The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.

1 affected packages

ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Fixed Fixed
Show less packages
  1. Previous page
  2. 13
  3. 14
  4. 15
  5. 16
  6. 17
  7. Next page
Export to JSON