Filtered by vendor Ffmpeg
Subscriptions
Filtered by product Ffmpeg
Subscriptions
Total
440 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-15942 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-05 | 8.8 High |
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer. | ||||
CVE-2019-13390 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | N/A |
In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c. | ||||
CVE-2019-13312 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | N/A |
block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read. | ||||
CVE-2019-12730 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | N/A |
aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables. | ||||
CVE-2019-11338 | 4 Canonical, Debian, Ffmpeg and 1 more | 4 Ubuntu Linux, Debian Linux, Ffmpeg and 1 more | 2024-08-04 | 8.8 High |
libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data. | ||||
CVE-2019-11339 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | N/A |
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data. | ||||
CVE-2019-9721 | 2 Canonical, Ffmpeg | 2 Ubuntu Linux, Ffmpeg | 2024-08-04 | 6.5 Medium |
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. | ||||
CVE-2019-9718 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2024-08-04 | 6.5 Medium |
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf. | ||||
CVE-2020-36138 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | 7.5 High |
An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS). | ||||
CVE-2020-35964 | 2 Ffmpeg, Linux | 2 Ffmpeg, Linux Kernel | 2024-08-04 | 6.5 Medium |
track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing. | ||||
CVE-2020-35965 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-08-04 | 7.5 High |
decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations. | ||||
CVE-2020-24995 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | 7.8 High |
Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local). | ||||
CVE-2020-24020 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | 8.8 High |
Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to memcpy without length checks, which could let a remote malicious user execute arbitrary code. | ||||
CVE-2020-23906 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | 5.5 Medium |
FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity. | ||||
CVE-2020-22056 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | 6.5 Medium |
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the config_input function in af_acrossover.c. | ||||
CVE-2020-22038 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | 6.5 Medium |
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c. | ||||
CVE-2020-22035 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-08-04 | 8.8 High |
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences. | ||||
CVE-2020-22042 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-08-04 | 6.5 Medium |
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak is affected by: memory leak in the link_filter_inouts function in libavfilter/graphparser.c. | ||||
CVE-2020-22046 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-08-04 | 6.5 Medium |
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c. | ||||
CVE-2020-22040 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-04 | 6.5 Medium |
A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a memory leak in the v_frame_alloc function in frame.c. |