Search
Total
421 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9316 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via vectors related to LJIF tags in an MJPEG file. | |||||
| CVE-2014-8549 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted On2 data. | |||||
| CVE-2014-9604 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1) restore_median and (2) restore_median_il functions. | |||||
| CVE-2014-9603 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does not validate the relationship between a certain length value and the frame width, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Sierra VMD video data. | |||||
| CVE-2014-8547 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data. | |||||
| CVE-2014-2098 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data. | |||||
| CVE-2014-8546 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Cinepak video data. | |||||
| CVE-2014-8545 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data. | |||||
| CVE-2014-2097 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted TAK (aka Tom's lossless Audio Kompressor) data. | |||||
| CVE-2014-8544 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted TIFF data. | |||||
| CVE-2014-8548 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Quicktime Graphics (aka SMC) video data. | |||||
| CVE-2014-5272 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have unspecified impact via a crafted iff image, which triggers an out-of-bounds array access, related to the rgb8 and rgbn formats. | |||||
| CVE-2014-8543 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MM video data. | |||||
| CVE-2014-5271 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2016-12-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors. | |||||
| CVE-2014-8541 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted MJPEG data. | |||||
| CVE-2013-0875 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via a crafted PNG image, related to an out-of-bounds array access. | |||||
| CVE-2013-7012 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2013-7011 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data. | |||||
| CVE-2013-4265 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 10.0 HIGH | N/A |
| The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an unspecified impact and remote vectors related to a "wrong return code" and a resultant NULL pointer dereference. | |||||
| CVE-2013-4264 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 4.3 MEDIUM | N/A |
| The kempf_decode_tile function in libavcodec/g2meet.c in FFmpeg before 2.0.1 allows remote attackers to cause a denial of service (out-of-bounds heap write) via a G2M4 encoded file. | |||||
| CVE-2013-4263 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 7.5 HIGH | N/A |
| libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote vectors related to a crafted "plane," which triggers an out-of-bounds heap write. | |||||
| CVE-2013-0878 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| The advance_line function in libavcodec/targa.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted Targa image data, related to an out-of-bounds array access. | |||||
| CVE-2013-0877 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| The old_codec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted LucasArts Smush data that has a large size when decoded, related to an out-of-bounds array access. | |||||
| CVE-2013-0876 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| Multiple integer overflows in the (1) old_codec37 and (2) old_codec47 functions in libavcodec/sanm.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via crafted LucasArts Smush data, which triggers an out-of-bounds array access. | |||||
| CVE-2013-7013 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data. | |||||
| CVE-2013-0874 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| The (1) doubles2str and (2) shorts2str functions in libavcodec/tiff.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via a crafted TIFF image, related to an out-of-bounds array access. | |||||
| CVE-2013-0873 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 10.0 HIGH | N/A |
| The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses." | |||||
| CVE-2013-0872 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 10.0 HIGH | N/A |
| The swr_init function in libswresample/swresample.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid or unsupported (1) input or (2) output channel layout, related to an out-of-bounds array access. | |||||
| CVE-2013-0868 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) "len==0 cases." | |||||
| CVE-2013-0867 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1.2 does not properly check when the pixel format changes, which allows remote attackers to have unspecified impact via crafted H.264 video data, related to an out-of-bounds array access. | |||||
| CVE-2013-0866 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, which triggers an out-of-bounds array access. | |||||
| CVE-2013-0865 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood Studios VQA Video file, which triggers an out-of-bounds write. | |||||
| CVE-2013-0862 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| Multiple integer overflows in the process_frame_obj function in libavcodec/sanm.c in FFmpeg before 1.1.2 allow remote attackers to have an unspecified impact via crafted image dimensions in LucasArts Smush video data, which triggers an out-of-bounds array access. | |||||
| CVE-2013-0861 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 5.0 MEDIUM | N/A |
| The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout. | |||||
| CVE-2013-0860 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 4.3 MEDIUM | N/A |
| The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data. | |||||
| CVE-2013-0864 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 10.0 HIGH | N/A |
| The gif_copy_img_rect function in libavcodec/gifdec.c in FFmpeg before 1.1.2 performs an incorrect calculation for an "end pointer," which allows remote attackers to have an unspecified impact via crafted GIF data that triggers an out-of-bounds array access. | |||||
| CVE-2013-0863 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 9.3 HIGH | N/A |
| Buffer overflow in the rle_decode function in libavcodec/sanm.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via crafted LucasArts Smush video data. | |||||
| CVE-2013-7014 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| Integer signedness error in the add_bytes_l2_c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted PNG data. | |||||
| CVE-2013-7015 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Flash Screen Video data. | |||||
| CVE-2013-7016 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2013-7017 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2013-7018 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2013-7019 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2013-7021 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact via crafted data. | |||||
| CVE-2013-7022 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data. | |||||
| CVE-2013-7023 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. | |||||
| CVE-2013-7024 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2013-7008 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.264 data. | |||||
| CVE-2013-7009 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data. | |||||
| CVE-2013-7010 | 1 Ffmpeg | 1 Ffmpeg | 2016-12-03 | 6.8 MEDIUM | N/A |
| Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. | |||||