Search CVE reports
231 – 240 of 479 results
CVE-2016-7393
Low prioritySome fixes available 1 of 2
Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | — | — | — | Not affected | Not affected |
libav | — | — | — | Not in release | Not in release |
CVE-2016-10192
Medium prioritySome fixes available 1 of 4
Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | — | — | — | Not affected | Fixed |
libav | — | — | — | Not in release | Not in release |
CVE-2016-10191
Medium prioritySome fixes available 1 of 4
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP...
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | — | — | — | Not affected | Fixed |
libav | — | — | — | Not in release | Not in release |
CVE-2016-10190
Medium prioritySome fixes available 1 of 4
Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | — | — | — | Not affected | Fixed |
libav | — | — | — | Not in release | Not in release |
CVE-2016-5115
Low priorityThe avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file.
3 affected packages
ffmpeg, libav, mplayer
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | — | Not affected | Not affected | Not affected | Ignored |
libav | — | Not in release | Not in release | Not in release | Not in release |
mplayer | — | Not affected | Not affected | Not affected | Not affected |
CVE-2017-5025
Medium prioritySome fixes available 13 of 16
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
3 affected packages
chromium-browser, ffmpeg, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
ffmpeg | — | — | — | Not affected | Fixed |
oxide-qt | — | — | — | Not in release | Fixed |
CVE-2017-5024
Medium prioritySome fixes available 13 of 16
FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
3 affected packages
chromium-browser, ffmpeg, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
ffmpeg | — | — | — | Not affected | Fixed |
oxide-qt | — | — | — | Not in release | Fixed |
CVE-2016-6920
Medium priorityHeap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service (application crash) via vectors involving tile positions.
1 affected packages
ffmpeg
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | — | — | — | Not affected | Not affected |
CVE-2016-6164
Medium priorityInteger overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size.
1 affected packages
ffmpeg
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | — | — | — | — | Fixed |
CVE-2016-9561
Low prioritySome fixes available 2 of 4
The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a crafted MOV file.
1 affected packages
ffmpeg
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | — | — | — | Not affected | Fixed |