Filtered by vendor Ffmpeg
Subscriptions
Filtered by product Ffmpeg
Subscriptions
Total
485 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-8365 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2025-04-12 | N/A |
| The smka_decode_frame function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Smacker data. | ||||
| CVE-2016-2330 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2025-04-12 | N/A |
| libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .tga file, related to the gif_image_write_image, gif_encode_init, and gif_encode_close functions. | ||||
| CVE-2015-3395 | 3 Canonical, Ffmpeg, Libav | 3 Ubuntu Linux, Ffmpeg, Libav | 2025-04-12 | N/A |
| The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access. | ||||
| CVE-2014-9319 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted .bit file. | ||||
| CVE-2014-9317 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via an IDAT before an IHDR in a PNG file. | ||||
| CVE-2014-8549 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted On2 data. | ||||
| CVE-2014-8546 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted Cinepak video data. | ||||
| CVE-2014-8545 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG data. | ||||
| CVE-2014-7933 | 3 Ffmpeg, Google, Redhat | 3 Ffmpeg, Chrome, Rhel Extras | 2025-04-12 | N/A |
| Use-after-free vulnerability in the matroska_read_seek function in libavformat/matroskadec.c in FFmpeg before 2.5.1, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska file that triggers improper maintenance of tracks data. | ||||
| CVE-2016-7502 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavs_decode. | ||||
| CVE-2016-2327 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .avi file, related to the apng_encode_frame and encode_apng functions. | ||||
| CVE-2016-2328 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service (out-of-bounds array read access) or possibly have unspecified other impact via a crafted .cine file, related to the bayer_to_rgb24_wrapper and bayer_to_yv12_wrapper functions. | ||||
| CVE-2014-9676 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly execute arbitrary code via a crafted video that triggers a use after free. | ||||
| CVE-2015-6821 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted MPEG data. | ||||
| CVE-2016-2839 | 3 Ffmpeg, Linux, Mozilla | 3 Ffmpeg, Linux Kernel, Firefox | 2025-04-12 | N/A |
| Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 on Linux make cairo _cairo_surface_get_extents calls that do not properly interact with libav header allocation in FFmpeg 0.10, which allows remote attackers to cause a denial of service (application crash) via a crafted video. | ||||
| CVE-2015-6825 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via a crafted file, as demonstrated by an AVI file. | ||||
| CVE-2014-9316 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via vectors related to LJIF tags in an MJPEG file. | ||||
| CVE-2015-8216 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. | ||||
| CVE-2015-8217 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-12 | N/A |
| The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data. | ||||
| CVE-2014-8547 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2025-04-12 | N/A |
| libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted GIF data. | ||||