ReportizFlow
Filtered by vendor Ffmpeg
Subscriptions
Total
486 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0856 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_samples value. | ||||
| CVE-2013-7024 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not consider the component number in certain calculations, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | ||||
| CVE-2013-3674 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted CD Graphics Video data. | ||||
| CVE-2013-7017 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via crafted JPEG2000 data. | ||||
| CVE-2012-6617 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format. | ||||
| CVE-2013-7016 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the expected sample separation, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | ||||
| CVE-2013-3670 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted RLE data. NOTE: the vendor has listed this as an issue fixed in 1.2.1, but the issue is actually in new code that was not shipped with the 1.2.1 release or any earlier release. | ||||
| CVE-2013-4358 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| libavcodec/h264.c in FFmpeg before 0.11.4 allows remote attackers to cause a denial of service (crash) via vectors related to alternating bit depths in H.264 data. | ||||
| CVE-2011-3973 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. | ||||
| CVE-2013-0851 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access. | ||||
| CVE-2013-7014 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| Integer signedness error in the add_bytes_l2_c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted PNG data. | ||||
| CVE-2013-2496 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted Microsoft RLE data. | ||||
| CVE-2013-7008 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The decode_slice_header function in libavcodec/h264.c in FFmpeg before 2.1 incorrectly relies on a certain droppable field, which allows remote attackers to cause a denial of service (deadlock) or possibly have unspecified other impact via crafted H.264 data. | ||||
| CVE-2009-4632 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. | ||||
| CVE-2009-4633 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. | ||||
| CVE-2013-0865 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large (1) cbp0 or (2) cbpz chunk in Westwood Studios VQA Video file, which triggers an out-of-bounds write. | ||||
| CVE-2009-4638 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | ||||
| CVE-2009-4639 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error. | ||||
| CVE-2013-4263 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote vectors related to a crafted "plane," which triggers an out-of-bounds heap write. | ||||
| CVE-2013-0877 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The old_codec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted LucasArts Smush data that has a large size when decoded, related to an out-of-bounds array access. | ||||