Filtered by vendor Ffmpeg
Subscriptions
Filtered by product Ffmpeg
Subscriptions
Total
477 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0858 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted Shorten file, related to an "invalid free". | ||||
| CVE-2012-2783 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to "freeing the returned frame." | ||||
| CVE-2012-2772 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| Unspecified vulnerability in the ff_rv34_decode_frame function in libavcodec/rv34.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing with frame threading." | ||||
| CVE-2012-2774 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The ff_MPV_frame_start function in libavcodec/mpegvideo.c in FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) via unspecified vectors, related to starting "a frame outside SETUP state." | ||||
| CVE-2012-2791 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in the (1) decode_band_hdr function in indeo4.c and (2) ff_ivi_decode_blocks function in ivi_common.c in libavcodec/ in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, have unknown impact and attack vectors, related to the "transform size." | ||||
| CVE-2012-2795 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to (1) size of "mclms arrays," (2) "a get_bits(0) in decode_ac_filter," and (3) "too many bits in decode_channel_residues()." | ||||
| CVE-2012-2800 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| Unspecified vulnerability in the ff_ivi_process_empty_tile function in libavcodec/ivi_common.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "tile size ... mismatches parameters" and triggers "writing into a too small array." | ||||
| CVE-2012-2803 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value. | ||||
| CVE-2012-6618 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate." | ||||
| CVE-2013-0876 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| Multiple integer overflows in the (1) old_codec37 and (2) old_codec47 functions in libavcodec/sanm.c in FFmpeg before 1.1.3 allow remote attackers to have an unspecified impact via crafted LucasArts Smush data, which triggers an out-of-bounds array access. | ||||
| CVE-2013-0877 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The old_codec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted LucasArts Smush data that has a large size when decoded, related to an out-of-bounds array access. | ||||
| CVE-2013-0878 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The advance_line function in libavcodec/targa.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted Targa image data, related to an out-of-bounds array access. | ||||
| CVE-2013-2276 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The avcodec_decode_audio4 function in utils.c in libavcodec in FFmpeg before 1.1.3 does not verify the decoding state before proceeding with certain skip operations, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted audio data. | ||||
| CVE-2013-2277 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between luma depth and chroma depth, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted H.264 data. | ||||
| CVE-2013-2496 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) or possibly have unspecified other impact via crafted Microsoft RLE data. | ||||
| CVE-2013-3670 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted RLE data. NOTE: the vendor has listed this as an issue fixed in 1.2.1, but the issue is actually in new code that was not shipped with the 1.2.1 release or any earlier release. | ||||
| CVE-2013-3671 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The format_line function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via crafted data that triggers a log message. | ||||
| CVE-2013-3672 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coordinate and a width value, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted American Laser Games (ALG) MM Video data. | ||||
| CVE-2013-3673 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The gif_decode_frame function in gifdec.c in libavcodec in FFmpeg before 1.2.1 does not properly manage the disposal methods of frames, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted GIF data. | ||||
| CVE-2013-3674 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The cdg_decode_frame function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service (out-of-bounds array access and application crash) via crafted CD Graphics Video data. | ||||