CRITICAL9.8CVE-2026-40962FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.… from 0
CRITICAL9.8CVE-2024-35368FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c. from 0, < 7:4.3.8-0+deb11u2
CRITICAL9.8FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c.
from 0, < 7:7.0.1-3
CRITICAL9.8Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.
from 0, < 7:6.1-1
CRITICAL9.8Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet com…
from 0, < 7:6.1-1
CRITICAL9.8adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step becau…
from 0, < 7:4.3.3-0+deb11u1
CRITICAL9.8cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling b…
from 0, < 7:4.2.3-1
CRITICAL9.8FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/v…
from 0, < 7:4.2.1-1
CRITICAL9.8ffmpeg - security update
from 0, < 7:4.2.1-1
CRITICAL9.8ffmpeg - security update
from 0, < 7:3.2.15-0+deb9u2
CRITICAL9.8ffmpeg - security update
from 0, < 7:4.1.4-1
CRITICAL9.8ffmpeg - security update
from 0, < 7:4.1.4-1~deb10u1
CRITICAL9.8FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol tha…
from 0, < 7:4.0.2-1
CRITICAL9.8The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because…
from 0, < 7:3.4.1-1
CRITICAL9.8Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2773, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavforma…
from 0, < 7:2.6.1-1
CRITICAL9.8FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcod…
from 0, < 7:3.2.4-1
CRITICAL9.8FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA f…
from 0, < 7:3.2.4-1
CRITICAL9.8FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in l…
from 0, < 7:3.2.4-1
CRITICAL9.8FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcod…
from 0, < 7:3.2.4-1
CRITICAL9.8Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows rem…
from 0, < 7:3.2.2-1
CRITICAL9.8Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2…
from 0, < 7:3.2.2-1
CRITICAL9.8Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 al…
from 0, < 7:3.2.2-1
CRITICAL9.8Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 all…
from 0, < 7:3.1.1-1
CRITICAL9.1ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u2
CRITICAL9.1ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u2
CRITICAL9.1FFmpeg n6.1.1 is Integer Overflow.
from 0, < 7:4.3.7-0+deb11u1
HIGH8.8A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1.
from 0, < 7:4.3.9-0+deb11u2
HIGH8.8FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_str…
from 0, < 7:7.0.1-3
HIGH8.8A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5.
from 0, < 7:5.1.6-0+deb12u1
HIGH8.8ffmpeg - security update
from 0, < 7:5.1.6-0+deb12u1
HIGH8.8ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u1
HIGH8.8ffmpeg - security update
from 0, < 7:5.1.7-0+deb12u1
HIGH8.8ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u1
HIGH8.8ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u1
HIGH8.8ffmpeg - security update
from 0, < 7:5.1.4-0+deb12u1
HIGH8.8ffmpeg - security update
from 0, < 7:5.1.4-0+deb12u1
HIGH8.8Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial…
from 0, < 7:4.3-2
HIGH8.8Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denia…
from 0, < 7:4.3-2
HIGH8.8Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Deni…
from 0, < 7:4.3-2
HIGH8.8Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Deni…
from 0, < 7:4.3-2
HIGH8.8Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a De…
from 0, < 7:4.3-2
HIGH8.8Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a De…
from 0, < 7:4.3-2
HIGH8.8An issue was discovered in function latm_write_packet in libavformat/latmenc.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Servi…
from 0, < 7:4.3-2
HIGH8.8An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of…
from 0, < 7:4.3-2
HIGH8.8ffmpeg - security update
from 0, < 7:4.3-2
HIGH8.8ffmpeg - security update
from 0, < 7:4.1.9-0+deb10u1
HIGH8.8ffmpeg - security update
from 0, < 7:3.2.18-0+deb9u1
HIGH8.8A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code.
from 0, < 7:4.3.3-0+deb11u1
HIGH8.8A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corru…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corru…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory co…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corrup…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption an…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_bitplanenoise.c, which might lead to mem…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_fieldorder.c, which might lead to memory…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files, which might lead to memory corru…
from 0, < 7:4.2.2-1
HIGH8.8A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in filter16_complex_low, which might lead to mem…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfade_samples_fltp, which might lead to me…
from 0, < 7:4.3-2
HIGH8.8A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfad…
from 0, < 7:4.3-2
HIGH8.8Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remo…
from 0, < 7:4.3.2-0+deb11u2
HIGH8.8Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to m…
from 0, < 7:4.3.1-1
HIGH8.8FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load…
from 0, < 7:4.3.1-1
HIGH8.8Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before…
from 0, < 7:2.4.1-1
HIGH8.8The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a…
from 0, < 7:4.1.3-1
HIGH8.8libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denia…
from 0, < 7:4.1.3-1
HIGH8.8FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can res…
from 0, < 7:4.0.2-1
HIGH8.8In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the…
from 0, < 7:3.4.3-1
HIGH8.8The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-arra…
from 0, < 7:3.4.3-1
HIGH8.8Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file.
from 0, < 7:2.4.1-1
HIGH8.8Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.
from 0, < 7:2.4.1-1
HIGH8.8The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified i…
from 0, < 7:3.4-1
HIGH8.8The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, w…
from 0, < 7:3.3.4-1
HIGH8.8The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a f…
from 0, < 7:3.3.4-1
HIGH8.8In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted…
from 0, < 7:3.3.4-1
HIGH8.8Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8,…
from 0, < 7:3.2.5-1
HIGH8.8An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for…
from 0, < 7:3.2-1
HIGH8.8libav - security update
from 0, < 7:2.4.1-1
HIGH8.8libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of servi…
from 0, < 2.8.6-1
HIGH8.8libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which al…
from 0, < 2.8.6-1
HIGH8.8libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a deni…
from 0, < 2.8.6-1
HIGH8.8libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a…
from 0, < 2.8.5-1
HIGH8.8Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial…
from 0, < 2.8.5-1
HIGH8.3The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows rem…
from 0, < 7:2.8.4-1
HIGH8.3The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number…
from 0, < 7:2.8.3-1
HIGH8.1ffmpeg - security update
from 0, < 7:4.3.7-0+deb11u1
HIGH8.1ffmpeg - security update
from 0, < 7:4.3.7-0+deb11u1
HIGH8.1A vulnerability classified as problematic was found in ffmpeg.
from 0, < 7:5.1.3-1
HIGH8.1A vulnerability classified as problematic has been found in ffmpeg.
from 0, < 7:5.1.3-1
HIGH8.1In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function…
from 0, < 7:3.4.3-1
HIGH8.0Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_sho…
from 0, < 7:5.1.5-0+deb12u1
HIGH8.0FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 co…
from 0, < 7:7.0.1-3
HIGH8.0Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output fun…
from 0, < 7:7.0.1-3
HIGH8.0Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of…
from 0
HIGH7.8FFmpeg 7.0 is vulnerable to Buffer Overflow.
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_ster…
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point except…
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.…
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_p…
from 0, < 7:7.0.1-3
HIGH7.8ffmpeg - security update
from 0, < 7:5.1.5-0+deb12u1
HIGH7.8ffmpeg - security update
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:…
from 0, < 7:5.1.7-0+deb12u1
HIGH7.8FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_c…
from 0, < 7:5.1.7-0+deb12u1
HIGH7.8A heap out-of-bounds memory write exists in FFMPEG since version 5.1.
from 0, < 7:5.1.1-1
HIGH7.8The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service…
from 0, < 7:3.3.3-1
HIGH7.8ffmpeg - security update
from 0, < 7:3.3.3-1
HIGH7.8ffmpeg - security update
from 0, < 7:3.2.7-1~deb9u1
HIGH7.8The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2…
from 0, < 7:3.2.5-1
HIGH7.8libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensu…
from 0, < 7:3.2.5-1
HIGH7.8Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x befor…
from 0, < 7:3.2.5-1
HIGH7.8Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file.
from 0, < 7:2.4.1-1
HIGH7.8The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding wi…
from 0, < 7:3.1.4-1
HIGH7.8The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a…
from 0, < 7:3.1.4-1
HIGH7.8The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corrupti…
from 0, < 7:3.1.2-1
HIGH7.5An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Serv…
from 0
HIGH7.5Integer overflow vulnerability in the yuv2ya16_X_c_template function in libswscale/output.c in FFmpeg 8.0.
from 0, < 7:4.3.9-0+deb11u2
HIGH7.5ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u2
HIGH7.5ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u2
HIGH7.5FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
from 0, < 7:4.3.8-0+deb11u1
HIGH7.5Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module.
from 0, < 7:6.1-1
HIGH7.5ffmpeg - security update
from 0, < 7:4.3.6-0+deb11u1
HIGH7.5ffmpeg - security update
from 0, < 7:4.1.11-0+deb10u1
HIGH7.5ffmpeg - security update
from 0, < 7:4.3.6-0+deb11u1
HIGH7.5FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.
from 0, < 7:4.3.3-0+deb11u1
HIGH7.5Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.
from 0, < 7:4.3-2
HIGH7.5FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service.
from 0, < 7:4.3.3-0+deb11u1
HIGH7.5ffmpeg - security update
from 0, < 7:4.3.2-0+deb11u2
HIGH7.5ffmpeg - security update
from 0, < 7:3.2.15-0+deb9u3
HIGH7.5decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zer…
from 0, < 7:4.3.1-6
HIGH7.5ffmpeg - security update
from 0, < 7:3.2.14-1~deb9u1
HIGH7.5ffmpeg - security update
from 0, < 7:4.0.3-1
HIGH7.5libav - security update
from 0, < 7:2.2.1-1
HIGH7.5Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service.
from 0, < 7:2.4.1-1
HIGH7.5The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segme…
from 0, < 7:3.3.3-1
HIGH7.5There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of s…
from 0, < 7:2.3.1-1
HIGH7.5FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streami…
from 0, < 7:3.2.6-1
HIGH7.5Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denia…
from 0, < 7:3.1.3-1
HIGH7.3The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before p…
from 0, < 7:2.8.4-1
HIGH7.2A flaw was found in FFmpeg's DASH playlist support.
from 0, < 7:4.3.9-0+deb11u1
MEDIUM6.7Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_sho…
from 0, < 7:7.0.1-3
MEDIUM6.6FFmpeg 7.0 is vulnerable to Buffer Overflow.
from 0, < 7:7.0.1-3
MEDIUM6.5A flaw was found in FFmpeg.
from 0
MEDIUM6.5A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a cr…
from 0, < 7:4.3.8-0+deb11u3
MEDIUM6.5FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c.
from 0, < 7:4.3.8-0+deb11u3
MEDIUM6.5An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the appl…
from 0, < 7:4.3.7-0+deb11u1
MEDIUM6.5A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c in FFmpeg 4.2.1 during computation of t…
from 0, < 7:4.2.2-1
MEDIUM6.5A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS…
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the config_input function in af_acrossover.c.
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c.
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the filter_frame function in vf_tile.c.
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c.
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c.
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.…
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobu…
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c.
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak is affected by: memory leak in the link_filter_inouts function…
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_buffersrc_add_frame_flags function in buffersrc.
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a memory leak in the v_frame_alloc function in frame.c.
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the inavi_add_ientry function.
from 0, < 7:4.3-2
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c.
from 0
MEDIUM6.5A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c.
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote…
from 0, < 7:4.3.2-0+deb11u2
MEDIUM6.5Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote Denial of…
from 0, < 7:4.3-2
MEDIUM6.5Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at libavfilter/af_tremolo.c, which could let a remote malic…
from 0, < 7:4.3-2
MEDIUM6.5Buffer Overflow vulnerability in FFmpeg 4.2 at the lagfun_frame16 function in libavfilter/vf_lagfun.c, which could let a remote malicious u…
from 0, < 7:4.3-2
MEDIUM6.5Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cau…
from 0, < 7:4.3.2-0+deb11u2
MEDIUM6.5Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicio…
from 0, < 7:4.3-2
MEDIUM6.5Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user…
from 0, < 7:4.3.2-0+deb11u2
MEDIUM6.5FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/ratecontrol.c, which allows a remote malicious user to cause a Denial of…
from 0, < 7:4.3-2
MEDIUM6.5FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5ffmpeg - security update
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5ffmpeg - security update
from 0, < 7:4.1.8-0+deb10u1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.2.16-1+deb9u1
MEDIUM6.5ffmpeg - security update
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing.
from 0, < 7:4.3.1-6
MEDIUM6.5ffmpeg - security update
from 0, < 7:4.1.6-1~deb10u1
MEDIUM6.5ffmpeg - security update
from 0, < 7:4.2.1-1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.2.15-0+deb9u1
MEDIUM6.5A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska form…
from 0, < 7:4.1.3-1
MEDIUM6.5In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska for…
from 0, < 7:4.1.3-1
MEDIUM6.5FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in Denial o…
from 0, < 7:4.1.1-1
MEDIUM6.5FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can…
from 0, < 7:4.0.2-1
MEDIUM6.5FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can…
from 0, < 7:4.0.2-1
MEDIUM6.5FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can res…
from 0, < 7:4.0.2-1
MEDIUM6.5FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that ca…
from 0, < 7:4.0.2-1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.2.12-1~deb9u1
MEDIUM6.5ffmpeg - security update
from 0, < 7:4.0.2-1
MEDIUM6.5libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero err…
from 0, < 7:4.0.2-1
MEDIUM6.5In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec m…
from 0, < 7:4.0.2-1
MEDIUM6.5In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser…
from 0, < 7:4.0.2-1
MEDIUM6.5In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpe…
from 0, < 7:4.0.2-1
MEDIUM6.5An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigge…
from 0, < 7:4.0.1-2
MEDIUM6.5An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an asserti…
from 0, < 7:3.4.3-1
MEDIUM6.5The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop…
from 0, < 7:3.4.3-1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.4.3-1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.2.11-1~deb9u1
MEDIUM6.5The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out o…
from 0, < 7:3.4.3-1
MEDIUM6.5The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of a…
from 0, < 7:4.0.1-2
MEDIUM6.5The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of arr…
from 0, < 7:3.4.2-1
MEDIUM6.5The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-o…
from 0, < 7:3.4.2-1
MEDIUM6.5In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ig…
from 0, < 7:3.1.1-1
MEDIUM6.5The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer derefer…
from 0, < 7:3.3.3-1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.2.10-1~deb9u1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.4.1-1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.4-1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.2.9-1~deb9u1
MEDIUM6.5In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU…
from 0, < 7:3.3.4-1
MEDIUM6.5In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consum…
from 0, < 7:3.3.4-1
MEDIUM6.5In libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End of File) check might cause hug…
from 0, < 7:3.3.4-1
MEDIUM6.5In libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause…
from 0, < 7:3.3.4-1
MEDIUM6.5In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption.
from 0, < 7:3.3.4-1
MEDIUM6.5In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allo…
from 0, < 7:3.3.4-1
MEDIUM6.5In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption.
from 0, < 7:3.3.4-1
MEDIUM6.5In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory…
from 0, < 7:3.3.4-1
MEDIUM6.5libav - security update
from 0, < 7:3.3.4-1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.3.4-1
MEDIUM6.5ffmpeg - security update
from 0, < 7:3.2.8-1~deb9u1
MEDIUM6.5Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service…
from 0, < 7:2.6.1-1
MEDIUM6.5The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service (…
from 0, < 7:2.8.6-1
MEDIUM6.2FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in…
from 0, < 7:4.3.7-0+deb11u1
MEDIUM6.2ffmpeg - security update
from 0, < 7:5.1.8-0+deb12u1
MEDIUM6.2ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u2
MEDIUM6.2FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
from 0, < 7:4.3.7-0+deb11u1
MEDIUM5.9FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder.
from 0, < 7:4.3.9-0+deb11u2
MEDIUM5.5A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file.
from 0, < 7:7.1.2-0+deb13u1
MEDIUM5.5ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u2
MEDIUM5.5ffmpeg - security update
from 0, < 7:7.1.2-0+deb13u1
MEDIUM5.5In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient…
from 0
MEDIUM5.5Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause…
from 0, < 7:4.3.3-0+deb11u1
MEDIUM5.5ffmpeg - security update
from 0, < 7:4.3.4-0+deb11u1
MEDIUM5.5ffmpeg - security update
from 0, < 7:4.3.4-0+deb11u1
MEDIUM5.5FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of…
from 0, < 7:4.3.1-1
MEDIUM5.5Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it.
from 0, < 7:4.3-2
MEDIUM5.5libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.
from 0, < 7:4.3.3-0+deb11u1
MEDIUM5.5FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a…
from 0, < 7:4.3.1-1
MEDIUM5.5Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive…
from 0, < 7:2.5.3-1
MEDIUM5.5FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote…
from 0, < 7:3.2.4-1
MEDIUM5.5FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote…
from 0, < 7:3.2.4-1
MEDIUM5.5Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of serv…
from 0, < 7:2.4-1
MEDIUM5.5The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (all…
from 0, < 7:3.2.4-1
MEDIUM5.5The gsm_parse function in libavcodec/gsm_parser.c in FFmpeg before 3.1.5 allows remote attackers to cause a denial of service (assert fault…
from 0, < 7:3.1.5-1
MEDIUM5.5The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointe…
from 0, < 7:3.1.4-1
MEDIUM5.5The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert faul…
from 0, < 7:3.1.4-1
MEDIUM5.5The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer o…
from 0, < 7:3.1.4-1
MEDIUM5.5The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has…
from 0, < 7:3.1.4-1
MEDIUM5.5The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that…
from 0, < 7:3.1.4-1
MEDIUM5.5The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service…
from 0, < 7:3.1.3-1
MEDIUM5.5FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live S…
from 0, < 7:2.8.5-1
MEDIUM5.5libav - security update
from 0, < 7:2.8.5-1
MEDIUM5.4Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c).
from 0, < 7:8.1-1
MEDIUM5.3A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures.
from 0, < 7:4.3.9-0+deb11u2
MEDIUM5.3ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c.
from 0, < 7:7.1.1-1
MEDIUM5.3ffmpeg - security update
from 0, < 7:7.1.3-0+deb13u1
MEDIUM5.3ffmpeg - security update
from 0, < 7:7.1.3-0+deb13u1
MEDIUM5.3ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u3
MEDIUM5.3ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u3
MEDIUM5.3A flaw was found in FFmpeg.
from 0, < 7:4.3.9-0+deb11u1
MEDIUM5.3ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u1
MEDIUM5.3ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u1
MEDIUM5.3FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certai…
from 0, < 7:7.1-3
MEDIUM5.3FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c.
from 0, < 7:5.1.5-0+deb12u1
MEDIUM5.3A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file.
from 0, < 7:4.3.6-0+deb11u1
MEDIUM4.7A flaw was found in FFmpeg's HLS demuxer.
from 0
MEDIUM4.0FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in the…
from 0, < 7:5.1.7-0+deb12u1
LOW3.6Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_rever…
from 0, < 7:7.0.1-3
—It is possible to cause an use-after-free write in SANM decoding with a carefully crafted animation using subversion <2.
from 0
—When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixe…
from 0, < 7:5.1.7-0+deb12u1
—When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by…
from 0, < 7:5.1.7-0+deb12u1
—When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when u…
from 0, < 7:5.1.7-0+deb12u1
—When parsing the header for a DHAV file, there's an integer underflow in offset calculation that leads to reading the duration from before…
from 0
—When decoding a frame for a SANM file (ANIM v0 variant), the decoded data can be larger than the buffer allocated for it.
from 0
—A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denia…
from 0, < 7:4.3.9-0+deb11u2
—A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb.
from 0, < 7:7.1.1-1
—libav - security update
from 0, < 7:2.8.3-1
—Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2…
from 0, < 7:2.8.3-1
—The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 doe…
from 0, < 7:2.8.3-1
—The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on t…
from 0, < 7:2.8.2-1
—The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote a…
from 0, < 7:2.8.2-1
—The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows r…
from 0, < 7:2.8.2-1
—The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remo…
from 0, < 7:2.8.2-1
—The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products…
from 0, < 7:2.8.1-1
—The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, whi…
from 0, < 7:2.7.2-1
—The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which…
from 0, < 7:2.7.2-1
—The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows…
from 0, < 7:2.7.2-1
—The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote att…
from 0, < 7:2.7.2-1
—libav - security update
from 0, < 7:2.7.2-1
—The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which all…
from 0, < 7:2.7.2-1
—The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proce…
from 0, < 7:2.7.2-1
—Multiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to…
from 0, < 7:2.7.2-1
—The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chu…
from 0, < 7:2.7.2-1
—libav - security update
from 0, < 7:2.5.4-1
—libav - security update
from 0, < 7:2.6.2-1
—Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cau…
from 0, < 7:2.6.1-1
—Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote att…
from 0, < 7:2.4.2-1
—libav - security update
from 0, < 7:2.5.1-1
—libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a…
from 0, < 7:2.5.1-1
—The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does not validate the relationship between a certain length value a…
from 0, < 7:2.5.1-1
—libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical…
from 0, < 7:2.5.1-1
—The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remo…
from 0, < 2.4.4-1
—The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers…
from 0, < 2.4.4-1
—libav - security update
from 0, < 2.4.4-1
—The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote at…
from 0, < 2.4.4-1
—libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a…
from 0, < 7:2.4.3-1
—Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or…
from 0, < 7:2.4.3-1
—libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of serv…
from 0, < 7:2.4.3-1
—Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access…
from 0, < 7:2.4.3-1
—libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which…
from 0, < 7:2.4.3-1
—libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial…
from 0, < 7:2.4.3-1
—libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows…
from 0, < 7:2.4.3-1
—libav - security update
from 0, < 7:2.4.3-1
—libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whe…
from 0, < 7:2.4.3-1
—libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have un…
from 0, < 7:2.4.1-1
—The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier,…
from 0, < 7:2.4.1-1
—libav - security update
from 0, < 7:2.4.1-1
—libav - security update
from 0, < 7:2.4.1-1
—The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which all…
from 0, < 7:2.4.1-1
—The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote at…
from 0, < 7:2.4.1-1
—Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of…
from 0, < 7:2.4.1-1
—The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows…
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 4:0.5.6-3
—The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via cr…
from 0, < 7:2.4.1-1
—libav - several
from 0, < 7:2.4.1-1
—The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vec…
from 0, < 7:2.4.1-1
—libav - security update
from 0, < 7:2.4.1-1
—The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATR…
from 0, < 7:2.4.1-1
—The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted App…
from 0, < 7:2.4.1-1
—The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified…
from 0, < 7:2.4.1-1
—The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafte…
from 0, < 7:2.4.1-1
—The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a c…
from 0, < 7:2.4.1-1
—The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted w…
from 0, < 7:2.4.1-1
—Array index error in the qdm2_decode_super_block function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unsp…
from 0, < 7:2.4.1-1
—libav - several
from 0, < 7:2.4.1-1
—The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted H.264…
from 0, < 7:2.4.1-1
—libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to a…
from 0, < 7:2.4.1-1
—The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1.2 does not properly check when the pixel format changes, which a…
from 0, < 7:2.4.1-1
—The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an uns…
from 0, < 7:2.4.1-1
—The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a…
from 0, < 7:2.4.1-1
—The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invali…
from 0, < 7:2.4.1-1
—The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coor…
from 0, < 7:2.4.1-1
—The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which a…
from 0, < 7:2.4.1-1
—The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers,…
from 0, < 7:2.4.1-1
—The iff_read_header function in iff.c in libavformat in FFmpeg through 1.1.3 does not properly handle data sizes for Interchange File Forma…
from 0, < 7:2.4.1-1
—The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between…
from 0, < 7:2.4.1-1
—Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, a…
from 0, < 7:2.4.1-1
—Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have uns…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors,…
from 0, < 7:2.4.1-1
—Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impac…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impa…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in the decode_frame function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in the decode_cell_data function in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has un…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 an…
from 0, < 7:2.4.1-1
—Unspecified vulnerability in the ff_rv34_decode_frame function in libavcodec/rv34.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and…
from 0, < 7:2.4.1-1
—The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before…
from 0, < 7:2.4.1-1
—Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x befo…
from 0, < 7:2.4.1-1
—The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) vp6_parse_coeff functions in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.…
from 0, < 7:2.4.1-1
—Heap-based buffer overflow in the vqa_decode_chunk function in the VQA codec (vqavideo.c) in libavcodec in Libav 0.5.x before 0.5.9, 0.6.x…
from 0, < 7:2.4.1-1
—The render_line function in the vorbis codec (vorbis.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of s…
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 4:0.5.10-1
—ffmpeg - several
from 0, < 7:2.2.1-1
—The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in libavcodec in FFmpeg 0.7.x before 0.7.12, and 0.8.x before 0.8.11; an…
from 0, < 7:2.4.1-1
—The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x…
from 0, < 7:2.4.1-1
—The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x befo…
from 0, < 7:2.4.1-1
—The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.…
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 4:0.5.9-1
—Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x…
from 0, < 7:2.4.1-1
—nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x be…
from 0, < 7:2.4.1-1
—The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x be…
from 0, < 7:2.4.1-1
—The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9,…
from 0, < 7:2.4.1-1
—Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service…
from 0, < 7:2.4.1-1
—Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a d…
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 4:0.5.8-1
—Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 all…
from 0, < 7:2.4.1-1
—cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write…
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 4:0.5.5-1
—The Matroska format decoder in FFmpeg before 0.8.3 does not properly allocate memory, which allows remote attackers to execute arbitrary co…
from 0, < 7:2.4.1-1
—Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 20…
from 0, < 7:2.4.1-1
—The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other produ…
from 0, < 7:2.4.1-1
—The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations,…
from 0, < 7:2.4.1-1
—FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly e…
from 0, < 7:2.4.1-1
—FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption an…
from 0, < 7:2.4.1-1
—ffmpeg - several
from 0, < 4:0.5.4-1
—ffmpeg - several
from 0, < 7:2.4.1-1
—libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application…
from 0, < 7:2.4.1-1
—Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before…
from 0, < 7:2.4.1-1
—ffmpeg-debian - buffer overflow
from 0, < 4:0.5.2-6
—Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code vi…
from 0, < 4:0.5+svn20090706-3
—The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI…
from 0, < 7:2.4.1-1
—Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown…
from 0, < 4:0.5+svn20090706-3
—FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigge…
from 0, < 4:0.5+svn20090706-3
—FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop.
from 0, < 4:0.5+svn20090706-3
—FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improp…
from 0, < 4:0.5+svn20090706-3
—Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a cra…
from 0, < 4:0.5+svn20090706-3
—vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause…
from 0, < 4:0.5+svn20090706-3
—oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive…
from 0, < 4:0.5+svn20090706-3
—ffmpeg-debian - several vulnerabilities
from 0, < 4:0.5+svn20090706-3
—Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to…
from 0, < 0.svn20080206-16
—Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknow…
from 0, < 0.svn20080206-14
—mplayer - arbitrary code execution
from 0, < 0.svn20080206-14
—mplayer - arbitrary code execution
from 0, < 7:2.4.1-1
—The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly re…
from 0, < 0.svn20080206-16
—ffmpeg ffmpeg-debian - arbitrary code execution
from 0, < 0.cvs20060823-8+etch1
—ffmpeg ffmpeg-debian - arbitrary code execution
from 0, < 0.svn20080206-10
—Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly ex…
from 0, < 0.cvs20060329-1
—ffmpeg - buffer overflow
from 0, < 0.cvs20050918-5.1
—ffmpeg - buffer overflow
from 0, < 0.cvs20050313-2sarge1