Total
105 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11224 | 1 Libav | 1 Libav | 2018-06-25 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Libav 12.3. A read access violation in the in_table_init16 function in libavcodec/aacsbr.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. | |||||
| CVE-2017-18242 | 1 Libav | 1 Libav | 2018-04-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file. | |||||
| CVE-2017-18243 | 1 Libav | 1 Libav | 2018-04-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file. | |||||
| CVE-2017-18244 | 1 Libav | 1 Libav | 2018-04-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply. | |||||
| CVE-2017-18247 | 1 Libav | 1 Libav | 2018-04-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file. | |||||
| CVE-2018-5684 | 1 Libav | 1 Libav | 2018-02-02 | 6.8 MEDIUM | 8.8 HIGH |
| In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file. | |||||
| CVE-2014-3984 | 1 Libav | 1 Libav | 2017-12-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remote attackers to have unknown impact and vectors. | |||||
| CVE-2017-17129 | 1 Libav | 1 Libav | 2017-12-15 | 6.8 MEDIUM | 8.8 HIGH |
| The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2017-17128 | 1 Libav | 1 Libav | 2017-12-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted file. | |||||
| CVE-2017-7208 | 1 Libav | 1 Libav | 2017-11-03 | 5.8 MEDIUM | 7.1 HIGH |
| The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file. | |||||
| CVE-2016-9822 | 1 Libav | 1 Libav | 2017-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in libavcodec/mpeg12dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
| CVE-2016-9821 | 1 Libav | 1 Libav | 2017-11-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in libavcodec/mpegvideo_parser.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||
| CVE-2012-0852 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2017-08-28 | 6.8 MEDIUM | N/A |
| The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an ADPCM file with the number of channels not equal to two. | |||||
| CVE-2012-0851 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2017-08-28 | 6.8 MEDIUM | N/A |
| The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted H.264 file, related to the chroma_format_idc value. | |||||
| CVE-2015-3395 | 3 Canonical, Ffmpeg, Libav | 3 Ubuntu Linux, Ffmpeg, Libav | 2017-06-30 | 6.8 MEDIUM | N/A |
| The msrle_decode_pal4 function in msrledec.c in Libav before 10.7 and 11.x before 11.4 and FFmpeg before 2.0.7, 2.2.x before 2.2.15, 2.4.x before 2.4.8, 2.5.x before 2.5.6, and 2.6.x before 2.6.2 allows remote attackers to have unspecified impact via a crafted image, related to a pixel pointer, which triggers an out-of-bounds array access. | |||||
| CVE-2017-9051 | 1 Libav | 1 Libav | 2017-05-24 | 7.5 HIGH | 9.8 CRITICAL |
| libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c. | |||||
| CVE-2016-9826 | 1 Libav | 1 Libav | 2017-03-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
| CVE-2016-9820 | 1 Libav | 1 Libav | 2017-03-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| libavcodec/mpegvideo_motion.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
| CVE-2016-9819 | 1 Libav | 1 Libav | 2017-03-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| libavcodec/mpegvideo.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. | |||||
| CVE-2016-9824 | 1 Libav | 1 Libav | 2017-03-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file. | |||||