Search CVE reports
171 – 180 of 314 results
CVE-2015-6819
Low priorityMultiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
CVE-2015-6826
Low prioritySome fixes available 1 of 3
The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access)...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
CVE-2015-6824
Medium prioritySome fixes available 1 of 3
The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service (segmentation violation) or possibly have...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
CVE-2015-6820
Medium prioritySome fixes available 1 of 3
The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote attackers to cause a...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
CVE-2015-6818
Medium prioritySome fixes available 1 of 2
The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
CVE-2015-1872
Low prioritySome fixes available 1 of 25
The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of...
4 affected packages
gst-libav1.0, gstreamer0.10-ffmpeg, kino, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| gst-libav1.0 | Not affected | Not affected | Not affected | Not affected | Not affected |
| gstreamer0.10-ffmpeg | Not in release | Not in release | Not in release | Not in release | Not in release |
| kino | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| libav | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2015-3395
Low prioritySome fixes available 13 of 20
The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have...
4 affected packages
chromium-browser, ffmpeg, libav, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | Fixed | Fixed |
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
| oxide-qt | — | — | — | Not in release | Not affected |
CVE-2015-3417
Low prioritySome fixes available 1 of 4
Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
CVE-2014-9676
Medium prioritySome fixes available 1 of 3
The seg_write_packet function in libavformat/segment.c in ffmpeg 2.1.4 and earlier does not free the correct memory location, which allows remote attackers to cause a denial of service ("invalid memory handler") and possibly...
2 affected packages
ffmpeg, libav
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected | Not affected |
| libav | — | — | — | Not in release | Not in release |
CVE-2014-7937
Medium prioritySome fixes available 8 of 12
Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other...
3 affected packages
chromium-browser, libav, oxide-qt
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | — | — | — | — | — |
| libav | — | — | — | — | — |
| oxide-qt | — | — | — | — | — |