Search CVE reports
361 – 370 of 538 results
Some fixes available 2 of 9
libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have...
3 affected packages
ffmpeg, libav, mplayer
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected |
| libav | — | — | — | Not in release |
| mplayer | — | — | — | Not affected |
Some fixes available 2 of 9
libavcodec/utils.c in FFmpeg before 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote attackers to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via...
3 affected packages
ffmpeg, libav, mplayer
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected |
| libav | — | — | — | Not in release |
| mplayer | — | — | — | Not affected |
Some fixes available 2 of 9
libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whether an image size has changed, which allows remote attackers to cause a denial of service...
3 affected packages
ffmpeg, libav, mplayer
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | Not affected |
| libav | — | — | — | Not in release |
| mplayer | — | — | — | Not affected |
The msrle_decode_frame function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly...
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | — |
libavcodec/wmalosslessdec.c in FFmpeg before 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other...
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | — |
The tak_decode_frame function in libavcodec/takdec.c in FFmpeg before 2.1.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or...
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | — |
The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier, allows remote attackers to have unspecified impact and vectors, which trigger...
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ffmpeg | — | — | — | — |
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related...
3 affected packages
libav, qtwebengine-opensource-src, ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libav | Not in release | Not in release | Not in release | Not in release |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ffmpeg | Not affected | Not affected | Not affected | Not affected |
The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.
9 affected packages
chromium-browser, ffmpeg, gstreamer0.10-ffmpeg, kino, libav...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not in release | Not affected |
| ffmpeg | Not affected | Not affected | Not affected | Not affected |
| gstreamer0.10-ffmpeg | Not in release | Not in release | Not in release | Not in release |
| kino | Not in release | Not affected | Not affected | Not affected |
| libav | Not in release | Not in release | Not in release | Not in release |
| oxide-qt | Not in release | Not in release | Not in release | Not in release |
| mythtv | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| gst-libav1.0 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via crafted 3GPP TS 26.245 data.
7 affected packages
chromium-browser, ffmpeg, libav, oxide-qt, mythtv...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not in release | Not affected |
| ffmpeg | Not affected | Not affected | Not affected | Not affected |
| libav | Not in release | Not in release | Not in release | Not in release |
| oxide-qt | Not in release | Not in release | Not in release | Not in release |
| mythtv | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| qtwebengine-opensource-src | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| gst-libav1.0 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |