Ffmpeg

ffmpeg

Vendor: Ffmpeg • 480 CVEs

CVEs (480)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2018-14394 1Ffmpeg 1Ffmpeg Nov 21, 2024 Jul 19, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.
CVE-2018-13305 1Ffmpeg 1Ffmpeg Nov 21, 2024 Jul 5, 2018 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to...Show more In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service.Show less
CVE-2018-13304 1Ffmpeg 1Ffmpeg Nov 21, 2024 Jul 5, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, lea...Show more In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to error_resilience.c, h263dec.c, and mpeg4videodec.c.Show less
CVE-2018-13303 1Ffmpeg 1Ffmpeg Nov 21, 2024 Jul 5, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to...Show more In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.Show less
CVE-2018-13302 2Debian Ffmpeg 2Debian Linux Ffmpeg Nov 21, 2024 Jul 5, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access...Show more In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or possibly unspecified other impact.Show less
CVE-2018-13301 1Ffmpeg 1Ffmpeg Nov 21, 2024 Jul 5, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AV...Show more In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.Show less
CVE-2018-13300 2Debian Ffmpeg 2Debian Linux Ffmpeg Nov 21, 2024 Jul 5, 2018 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a craft...Show more In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure.Show less
CVE-2018-12460 1Ffmpeg 1Ffmpeg Nov 21, 2024 Jun 15, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvid...Show more libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c.Show less
CVE-2018-12459 1Ffmpeg 1Ffmpeg Nov 21, 2024 Jun 15, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to...Show more An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.Show less
CVE-2018-12458 2Debian Ffmpeg 2Debian Linux Ffmpeg Nov 21, 2024 Jun 15, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of...Show more An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.Show less
CVE-2018-7751 1Ffmpeg 1Ffmpeg Nov 21, 2024 Apr 24, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.
CVE-2018-10001 2Debian Ffmpeg 2Debian Linux Ffmpeg Nov 21, 2024 Apr 11, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.
CVE-2018-9841 1Ffmpeg 1Ffmpeg Nov 21, 2024 Apr 7, 2018 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.
CVE-2018-7557 2Debian Ffmpeg 2Debian Linux Ffmpeg Nov 21, 2024 Feb 28, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling d...Show more The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.Show less
CVE-2018-6912 1Ffmpeg 1Ffmpeg Nov 21, 2024 Feb 12, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
CVE-2012-5360 1Ffmpeg 1Ffmpeg Nov 21, 2024 Feb 8, 2018 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file.
CVE-2012-5359 1Ffmpeg 1Ffmpeg Nov 21, 2024 Feb 8, 2018 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.
CVE-2018-6621 2Debian Ffmpeg 2Debian Linux Ffmpeg Nov 21, 2024 Feb 5, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
CVE-2018-6392 2Debian Ffmpeg 2Debian Linux Ffmpeg Nov 21, 2024 Jan 29, 2018 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file.
CVE-2015-1208 1Ffmpeg 1Ffmpeg Nov 21, 2024 Jan 9, 2018 N/A· v4 5.5 MEDIUM· v3 4.3 MEDIUM· v2 Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.

Previous 1...91011...24 Next