Search CVE reports
171 – 180 of 479 results
CVE-2018-7557
Medium prioritySome fixes available 2 of 3
The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.
1 affected packages
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Fixed | Fixed |
CVE-2018-6912
Medium priorityThe decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
CVE-2012-5360
Medium priorityLibavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file.
4 affected packages
ffmpeg, ffmpeg-extra, libav, libav-extra
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | — | — |
| ffmpeg-extra | — | — | — | — | — |
| libav | — | — | — | — | — |
| libav-extra | — | — | — | — | — |
CVE-2012-5359
Medium priorityLibavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.
4 affected packages
ffmpeg, ffmpeg-extra, libav, libav-extra
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | — | — |
| ffmpeg-extra | — | — | — | — | — |
| libav | — | — | — | — | — |
| libav-extra | — | — | — | — | — |
CVE-2018-6621
Medium priorityThe decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
1 affected packages
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | Not affected | Not affected | Not affected |
CVE-2018-6392
Medium prioritySome fixes available 1 of 2
The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file.
1 affected packages
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Fixed |
CVE-2015-1208
Medium priorityInteger underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.
4 affected packages
ffmpeg, libav, mplayer, vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
| mplayer | — | — | — | Not affected | Not affected |
| vlc | — | — | — | Not affected | Not affected |
CVE-2017-1000460
Medium priorityIn line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
CVE-2017-9608
Low priorityThe dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file.
1 affected packages
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
CVE-2017-17081
Low prioritySome fixes available 1 of 26
The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedness error and out-of-array read)...
6 affected packages
chromium-browser, ffmpeg, gst-libav1.0, oxide-qt, qtwebengine-opensource-src, vlc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not affected | Not affected | Not affected |
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Fixed |
| gst-libav1.0 | Not affected | Not affected | Not affected | Not affected | Not affected |
| oxide-qt | Not in release | Not in release | Not in release | Not in release | Ignored |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
| vlc | Not affected | Not affected | Not affected | Not affected | Not affected |