CVE search results

141 – 150 of 314 results

Detailed view

Sort by:

CVE-2016-10190

Medium priority

Some fixes available 1 of 4

Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	Not affected	Fixed
libav	—	—	—	Not in release	Not in release

CVE-2016-5115

Low priority

Ignored

The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file.

3 affected packages

ffmpeg, libav, mplayer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	Not affected	Not affected	Not affected	Ignored
libav	—	Not in release	Not in release	Not in release	Not in release
mplayer	—	Not affected	Not affected	Not affected	Not affected

CVE-2016-5199

Medium priority

Some fixes available 13 of 17

An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for Windows, and 54.0.2840.100 for Linux, and 55.0.2883.84 for Android allowed a...

4 affected packages

chromium-browser, ffmpeg, libav, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	—	—	—	Fixed	Fixed
ffmpeg	—	—	—	Fixed	Not affected
libav	—	—	—	Not in release	Not in release
oxide-qt	—	—	—	Not in release	Fixed

CVE-2016-7424

Low priority

Fixed

The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3 file.

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	Not affected	Not affected
libav	—	—	—	Not in release	Not in release

CVE-2016-5637

Medium priority

Needs evaluation

The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a...

5 affected packages

chromium-browser, ffmpeg, gst-libav1.0, oxide-qt, vlc

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
chromium-browser	Not affected	Not affected	Not affected	Not affected	Not affected
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
oxide-qt	Not in release	Not in release	Not in release	Not in release	Not affected
vlc	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2016-3062

Medium priority

Some fixes available 1 of 4

The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in...

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	Not affected	Not affected
libav	—	—	—	Not in release	Not in release

CVE-2016-2329

Medium priority

Some fixes available 5 of 6

libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly...

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	Fixed	Fixed
libav	—	—	—	Not in release	Not in release

CVE-2016-2328

Medium priority

Some fixes available 5 of 6

libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a denial of service (out-of-bounds array read access) or possibly have unspecified other impact...

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	Fixed	Fixed
libav	—	—	—	Not in release	Not in release

CVE-2016-2327

Medium priority

Some fixes available 5 of 6

libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact...

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	Fixed	Fixed
libav	—	—	—	Not in release	Not in release

CVE-2016-2330

Medium priority

Some fixes available 6 of 7

libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted...

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
ffmpeg	—	—	—	Fixed	Fixed
libav	—	—	—	Not in release	Not in release

Export to JSON

Results by page:

Search CVE reports