Ffmpeg

ffmpeg

Vendor: Ffmpeg • 480 CVEs

CVEs (480)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2013-4358 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 24, 2013 N/A· v4 N/A· v3 5.0 MEDIUM· v2 libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to cause a denial of service (crash) via vectors related to alternating bit depths in H.264 data.
CVE-2013-7024 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of service (out-of-bounds...Show more The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.Show less
CVE-2013-7023 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access)...Show more The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.Show less
CVE-2013-7022 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly h...Show more The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data.Show less
CVE-2013-7021 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have...Show more The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure the availability of FIFO content, which allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact via crafted data.Show less
CVE-2013-7020 2Debian Ffmpeg 2Debian Linux Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds arra...Show more The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data.Show less
CVE-2013-7019 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly h...Show more The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.Show less
CVE-2013-7018 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspeci...Show more libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block dimension values, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.Show less
CVE-2013-7017 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via crafted JPEG2000 data.
CVE-2013-7016 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly ha...Show more The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.Show less
CVE-2013-7015 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or...Show more The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Flash Screen Video data.Show less
CVE-2013-7014 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Integer signedness error in the add_bytes_l2_c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other imp...Show more Integer signedness error in the add_bytes_l2_c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted PNG data.Show less
CVE-2013-7013 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or po...Show more The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 uses an incorrect ordering of arithmetic operations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data.Show less
CVE-2013-7012 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or po...Show more The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data.Show less
CVE-2013-7011 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly hav...Show more The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data.Show less
CVE-2013-7010 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data.
CVE-2013-7009 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or pos...Show more The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data.Show less
CVE-2013-7008 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecifi...Show more The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.264 data.Show less
CVE-2011-4351 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2011-3950 1Ffmpeg 1Ffmpeg Apr 29, 2026 Dec 9, 2013 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pictures number.

Previous 1...161718...24 Next