Search CVE reports
211 – 220 of 479 results
CVE-2017-9994
Medium prioritySome fixes available 1 of 4
libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cause a denial of...
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | Not affected | Not affected | Not affected | Not affected | Fixed |
libav | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2017-9993
Medium prioritySome fixes available 1 of 4
FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files...
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | Not affected | Not affected | Not affected | Not affected | Fixed |
libav | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2017-9992
Medium prioritySome fixes available 1 of 4
Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of...
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | Not affected | Not affected | Not affected | Not affected | Fixed |
libav | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2017-9991
Medium prioritySome fixes available 1 of 4
Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a...
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | Not affected | Not affected | Not affected | Not affected | Fixed |
libav | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2017-9990
Medium priorityStack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | — | — | — | — | Not affected |
libav | — | — | — | — | Not in release |
CVE-2015-1207
Low priorityDouble-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.
3 affected packages
chromium-browser, ffmpeg, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Not affected | Not affected |
ffmpeg | — | — | — | Not affected | Not affected |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2017-9051
Medium prioritylibav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.
2 affected packages
ffmpeg, libav
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
libav | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2017-5051
Medium prioritySome fixes available 7 of 18
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to...
3 affected packages
chromium-browser, ffmpeg, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
ffmpeg | — | — | — | Ignored | Ignored |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2017-5050
Medium prioritySome fixes available 7 of 18
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to...
3 affected packages
chromium-browser, ffmpeg, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
ffmpeg | — | — | — | Ignored | Ignored |
oxide-qt | — | — | — | Not in release | Ignored |
CVE-2017-5049
Medium prioritySome fixes available 7 of 18
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to...
3 affected packages
chromium-browser, ffmpeg, oxide-qt
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
chromium-browser | — | — | — | Fixed | Fixed |
ffmpeg | — | — | — | Ignored | Ignored |
oxide-qt | — | — | — | Not in release | Ignored |