Libav

libav

108 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Libav

libav

108 CVEs

CVEs (108)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-3062 4Debian FfmpegLibav+1 more 4Debian Linux FfmpegLeap+1 more May 6, 2026 Jun 16, 2016 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dr...Show more The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.Show less
CVE-2015-5479 3Libav OpensuseUbuntu 3Leap LibavUbuntu May 6, 2026 Apr 19, 2016 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted dimensions.
CVE-2015-3395 3Canonical FfmpegLibav 3Ffmpeg LibavUbuntu Linux May 6, 2026 Jun 16, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers...Show more The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access.Show less
CVE-2014-5271 2Ffmpeg Libav 2Ffmpeg Libav May 6, 2026 Nov 3, 2014 N/A· v4 N/A· v3 7.5 HIGH· v2 Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers...Show more Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.Show less
CVE-2014-3984 1Libav 1Libav May 6, 2026 Jun 6, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remote attackers to have unknown impact and vectors.
CVE-2011-3937 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Jan 5, 2013 N/A· v4 N/A· v3 10.0 HIGH· v2 The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0...Show more The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changing with frame threads."Show less
CVE-2012-5144 4Canonical GoogleLibav+1 more 4Chrome LibavOpensuse+1 more Apr 29, 2026 Dec 12, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possib...Show more Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrite when switching to LTP profile from MAIN."Show less
CVE-2012-2804 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width.
CVE-2012-2803 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting t...Show more Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value.Show less
CVE-2012-2802 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "...Show more Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array writes."Show less
CVE-2012-2801 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to dimensions and "out of array writes."
CVE-2012-2800 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the ff_ivi_process_empty_tile function in libavcodec/ivi_common.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which th...Show more Unspecified vulnerability in the ff_ivi_process_empty_tile function in libavcodec/ivi_common.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "tile size ... mismatches parameters" and triggers "writing into a too small array."Show less
CVE-2012-2798 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array wri...Show more Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write."Show less
CVE-2012-2797 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors related to a calculation that prevents a...Show more Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors related to a calculation that prevents a frame from being "large enough."Show less
CVE-2012-2796 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice posit...Show more Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice positions and interlacing" that trigger "out of array writes."Show less
CVE-2012-2794 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the decode_mb_info function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "allocated ti...Show more Unspecified vulnerability in the decode_mb_info function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "allocated tile size ... mismatches parameters."Show less
CVE-2012-2793 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the lag_decode_zero_run_line function in libavcodec/lagarith.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors related to "to...Show more Unspecified vulnerability in the lag_decode_zero_run_line function in libavcodec/lagarith.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors related to "too many zeros."Show less
CVE-2012-2791 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Multiple unspecified vulnerabilities in the (1) decode_band_hdr function in indeo4.c and (2) ff_ivi_decode_blocks function in ivi_common.c in libavcodec/ in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x befo...Show more Multiple unspecified vulnerabilities in the (1) decode_band_hdr function in indeo4.c and (2) ff_ivi_decode_blocks function in ivi_common.c in libavcodec/ in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, have unknown impact and attack vectors, related to the "transform size."Show less
CVE-2012-2790 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "numb...Show more Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first sub-block in BGMC mode."Show less
CVE-2012-2789 2Ffmpeg Libav 2Ffmpeg Libav Apr 29, 2026 Sep 10, 2012 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large numb...Show more Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large number of vector coded coefficients (num_vec_coeffs).Show less

Previous 1 2 345 6 Next