Filtered by vendor Ffmpeg
Subscriptions
Total
428 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-3341 | 1 Ffmpeg | 1 Ffmpeg | 2023-06-13 | 5.3 Medium |
| A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash. | ||||
| CVE-2019-15942 | 1 Ffmpeg | 1 Ffmpeg | 2023-02-28 | 8.8 High |
| FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer. | ||||
| CVE-2021-3566 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-12-21 | 5.5 Medium |
| Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg). | ||||
| CVE-2020-22034 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-10-26 | 8.8 High |
| A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other potential consequences. | ||||
| CVE-2020-22033 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-10-26 | 6.5 Medium |
| A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service. | ||||
| CVE-2020-22032 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-10-25 | 8.8 High |
| A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory corruption and other potential consequences. | ||||
| CVE-2020-22025 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-10-25 | 8.8 High |
| A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences. | ||||
| CVE-2019-11338 | 4 Canonical, Debian, Ffmpeg and 1 more | 4 Ubuntu Linux, Debian Linux, Ffmpeg and 1 more | 2022-10-07 | 8.8 High |
| libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data. | ||||
| CVE-2019-9718 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2022-10-07 | 6.5 Medium |
| In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. | ||||
| CVE-2018-7557 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-10-07 | 6.5 Medium |
| The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data. | ||||
| CVE-2018-15822 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2022-10-07 | 7.5 High |
| The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure. | ||||
| CVE-2019-9721 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2022-10-07 | 6.5 Medium |
| A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. | ||||
| CVE-2018-12459 | 1 Ffmpeg | 1 Ffmpeg | 2022-10-03 | N/A |
| An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. | ||||
| CVE-2018-12460 | 1 Ffmpeg | 1 Ffmpeg | 2022-10-03 | N/A |
| libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c. | ||||
| CVE-2011-2162 | 3 Ffmpeg, Mandriva, Mplayerhq | 5 Ffmpeg, Corporate Server, Enterprise Server and 2 more | 2022-10-03 | N/A |
| Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers." | ||||
| CVE-2011-2161 | 1 Ffmpeg | 1 Ffmpeg | 2022-10-03 | N/A |
| The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (application crash) via an APE (aka Monkey's Audio) file that contains a header but no frames. | ||||
| CVE-2011-4353 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2022-10-03 | N/A |
| The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) vp6_parse_coeff functions in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted VP5 or VP6 stream. | ||||
| CVE-2020-22017 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-09-13 | 8.8 High |
| A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences. | ||||
| CVE-2020-35964 | 2 Ffmpeg, Linux | 2 Ffmpeg, Linux Kernel | 2022-08-06 | 6.5 Medium |
| track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing. | ||||
| CVE-2020-22035 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-06-28 | 8.8 High |
| A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences. | ||||