Filtered by vendor Ffmpeg
Subscriptions
Filtered by product Ffmpeg
Subscriptions
Total
440 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-3946 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop. | ||||
CVE-2011-3940 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2024-08-06 | N/A |
nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams." | ||||
CVE-2011-3929 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2024-08-06 | N/A |
The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly execute arbitrary code via a crafted DV file. | ||||
CVE-2011-3949 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
The dirac_unpack_idwt_params function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data. | ||||
CVE-2011-3941 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to an uninitialized block index, which triggers an out-of-bounds write. | ||||
CVE-2011-3937 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2024-08-06 | N/A |
The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changing with frame threads." | ||||
CVE-2011-3936 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2024-08-06 | N/A |
The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DV file. | ||||
CVE-2011-3944 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data. | ||||
CVE-2011-3935 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to a crafted image size. | ||||
CVE-2011-3504 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
The Matroska format decoder in FFmpeg before 0.8.3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. | ||||
CVE-2011-2160 | 2 Ffmpeg, Mplayerhq | 2 Ffmpeg, Mplayer | 2024-08-06 | N/A |
The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723. | ||||
CVE-2011-1931 | 3 Ffmpeg, Libav, Videolan | 4 Ffmpeg, Libavcodec, Libav and 1 more | 2024-08-06 | N/A |
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file. | ||||
CVE-2011-0722 | 2 Ffmpeg, Mplayerhq | 2 Ffmpeg, Mplayer | 2024-08-06 | N/A |
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file. | ||||
CVE-2011-0723 | 2 Ffmpeg, Mplayer | 2 Ffmpeg, Mplayer | 2024-08-06 | N/A |
FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file. | ||||
CVE-2012-6618 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related to frame size or lack of sufficient "frames to estimate rate." | ||||
CVE-2012-5359 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file. | ||||
CVE-2012-5360 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file. | ||||
CVE-2012-5361 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-06 | N/A |
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file. | ||||
CVE-2012-2803 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2024-08-06 | N/A |
Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size value. | ||||
CVE-2012-2788 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2024-08-06 | N/A |
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is shrunk." |