Filtered by vendor Ffmpeg
Subscriptions
Total
428 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-22029 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2023-11-07 | 8.8 High |
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other potential consequences. | ||||
CVE-2020-22020 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2023-11-07 | 6.5 Medium |
Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service. | ||||
CVE-2020-20902 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 6.5 Medium |
A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c in FFmpeg 4.2.1 during computation of the denominator of pseudo-normalized correlation R'(0), that could result in disclosure of information. | ||||
CVE-2020-20892 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | 8.8 High |
An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero. | ||||
CVE-2020-13904 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2023-11-07 | 5.5 Medium |
FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c. | ||||
CVE-2018-9841 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | N/A |
The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename. | ||||
CVE-2018-10001 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2023-11-07 | N/A |
The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file. | ||||
CVE-2017-17555 | 2 Aubio, Ffmpeg | 3 Aubio, Ffmpeg, Libswresample | 2023-11-07 | N/A |
The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file. | ||||
CVE-2017-16840 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2023-11-07 | 9.8 Critical |
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c. | ||||
CVE-2017-15672 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2023-11-07 | N/A |
The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read. | ||||
CVE-2016-6920 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | N/A |
Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service (application crash) via vectors involving tile positions. | ||||
CVE-2016-6164 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | N/A |
Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size. | ||||
CVE-2016-3062 | 4 Debian, Ffmpeg, Libav and 1 more | 4 Debian Linux, Ffmpeg, Libav and 1 more | 2023-11-07 | N/A |
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file. | ||||
CVE-2016-2330 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2023-11-07 | N/A |
libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_image, gif_encode_init, and gif_encode_close functions. | ||||
CVE-2016-2329 | 2 Ffmpeg, Opensuse | 2 Ffmpeg, Leap | 2023-11-07 | N/A |
libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted TIFF file, related to the tiff_decode_tag and decode_frame functions. | ||||
CVE-2016-2328 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | N/A |
libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service (out-of-bounds array read access) or possibly have unspecified other impact via a crafted .cine file, related to the bayer_to_rgb24_wrapper and bayer_to_yv12_wrapper functions. | ||||
CVE-2016-2327 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | N/A |
libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the apng_encode_frame and encode_apng functions. | ||||
CVE-2016-2326 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2023-11-07 | N/A |
Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PTS (aka presentation timestamp) value in a .mov file. | ||||
CVE-2016-2213 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | N/A |
The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service (out-of-bounds array read access) via crafted JPEG 2000 data. | ||||
CVE-2015-8663 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-07 | N/A |
The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file. |