CVE search results

291 – 300 of 538 results

Detailed view

Sort by:

CVE-2016-10192

Medium priority

Some fixes available 1 of 4

Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	Not affected
libav	—	—	—	Not in release

CVE-2016-10191

Medium priority

Some fixes available 1 of 4

Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP...

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	Not affected
libav	—	—	—	Not in release

CVE-2016-10190

Medium priority

Some fixes available 1 of 4

Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.

2 affected packages

ffmpeg, libav

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	Not affected
libav	—	—	—	Not in release

CVE-2016-5115

Low priority

Ignored

The avcodec_decode_audio4 function in libavcodec in libavformat 57.34.103, as used in MPlayer, allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file.

3 affected packages

ffmpeg, libav, mplayer

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	Not affected	Not affected	Not affected
libav	—	Not in release	Not in release	Not in release
mplayer	—	Not affected	Not affected	Not affected

CVE-2017-5025

Medium priority

Some fixes available 13 of 16

FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file.

3 affected packages

chromium-browser, ffmpeg, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
ffmpeg	—	—	—	Not affected
oxide-qt	—	—	—	Not in release

CVE-2017-5024

Medium priority

Some fixes available 13 of 16

3 affected packages

chromium-browser, ffmpeg, oxide-qt

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	—	—	—	Fixed
ffmpeg	—	—	—	Not affected
oxide-qt	—	—	—	Not in release

CVE-2016-6920

Medium priority

Ignored

Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service (application crash) via vectors involving tile positions.

1 affected package

ffmpeg

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	Not affected

CVE-2016-6164

Medium priority

Fixed

Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size.

1 affected package

ffmpeg

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	—

CVE-2016-9561

Low priority

Some fixes available 2 of 4

The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (allocation of huge memory, and being killed by the OS) via a crafted MOV file.

1 affected package

ffmpeg

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	Not affected

CVE-2016-8595

Medium priority

Ignored

The gsm_parse function in libavcodec/gsm_parser.c in FFmpeg before 3.1.5 allows remote attackers to cause a denial of service (assert fault) via a crafted AVI file.

1 affected package

ffmpeg

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	Not affected

Export to JSON

Results by page:

Search CVE reports