Filtered by vendor Ffmpeg
Subscriptions
Filtered by product Ffmpeg
Subscriptions
Total
477 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-4636 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. | ||||
| CVE-2011-3504 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The Matroska format decoder in FFmpeg before 0.8.3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. | ||||
| CVE-2013-0860 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a frame is fully initialized, which allows remote attackers to trigger a NULL pointer dereference via crafted picture data. | ||||
| CVE-2013-0865 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood Studios VQA Video file, which triggers an out-of-bounds write. | ||||
| CVE-2013-0866 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, which triggers an out-of-bounds array access. | ||||
| CVE-2013-0873 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses." | ||||
| CVE-2012-2772 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| Unspecified vulnerability in the ff_rv34_decode_frame function in libavcodec/rv34.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing with frame threading." | ||||
| CVE-2013-7016 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | ||||
| CVE-2013-0875 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via a crafted PNG image, related to an out-of-bounds array access. | ||||
| CVE-2013-7008 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.264 data. | ||||
| CVE-2011-3936 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DV file. | ||||
| CVE-2011-3934 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data. | ||||
| CVE-2013-0845 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via a crafted block length, which triggers an out-of-bounds write. | ||||
| CVE-2013-0846 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| Array index error in the qdm2_decode_super_block function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted QDM2 data, which triggers an out-of-bounds array access. | ||||
| CVE-2013-0856 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_samples value. | ||||
| CVE-2013-7022 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data. | ||||
| CVE-2013-7021 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact via crafted data. | ||||
| CVE-2013-7020 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2025-04-11 | N/A |
| The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data. | ||||
| CVE-2013-7019 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | ||||
| CVE-2013-7018 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | ||||