Total
105 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-5271 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors. | |||||
CVE-2014-3984 | 1 Libav | 1 Libav | 2023-12-10 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remote attackers to have unknown impact and vectors. | |||||
CVE-2012-2803 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value. | |||||
CVE-2012-2802 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array writes." | |||||
CVE-2011-3947 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 6.8 MEDIUM | N/A |
Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MJPEG-B file. | |||||
CVE-2012-2790 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first sub-block in BGMC mode." | |||||
CVE-2012-0851 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 6.8 MEDIUM | N/A |
The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted H.264 file, related to the chroma_format_idc value. | |||||
CVE-2012-2784 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vulnerability than CVE-2012-2777. | |||||
CVE-2012-5144 | 4 Canonical, Google, Libav and 1 more | 4 Ubuntu Linux, Chrome, Libav and 1 more | 2023-12-10 | 10.0 HIGH | N/A |
Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN." | |||||
CVE-2012-2779 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the decode_frame function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an invalid "gop header" and decoding in a "half initialized context." | |||||
CVE-2012-2789 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large number of vector coded coefficients (num_vec_coeffs). | |||||
CVE-2012-2788 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is shrunk." | |||||
CVE-2011-4364 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 6.8 MEDIUM | N/A |
Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VMD file, related to corrupted streams. | |||||
CVE-2012-2786 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the decode_wdlt function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write." | |||||
CVE-2012-2794 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the decode_mb_info function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "allocated tile size ... mismatches parameters." | |||||
CVE-2012-0853 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 6.8 MEDIUM | N/A |
The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in libavcodec in FFmpeg 0.7.x before 0.7.12, and 0.8.x before 0.8.11; and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (infinite loop and crash) and possibly execute arbitrary code via a large component count in an Atrac 3 file. | |||||
CVE-2012-2801 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to dimensions and "out of array writes." | |||||
CVE-2011-3952 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 6.8 MEDIUM | N/A |
The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file. | |||||
CVE-2011-3936 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 4.3 MEDIUM | N/A |
The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DV file. | |||||
CVE-2012-2797 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2023-12-10 | 10.0 HIGH | N/A |
Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors related to a calculation that prevents a frame from being "large enough." |