Search CVE reports

Toggle filters

261 – 270 of 531 results

CVE-2017-9996

Medium priority

Some fixes available 1 of 4

The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not exclude the CHUNKY format, which allows...

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-9995

Medium priority
Not affected

libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly...

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg
libav
Show less packages

CVE-2017-9994

Medium priority

Some fixes available 1 of 4

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cause a denial of...

2 affected packages

libav, ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
ffmpeg Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-9993

Medium priority

Some fixes available 1 of 4

FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files...

2 affected packages

libav, ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
ffmpeg Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-9992

Medium priority

Some fixes available 1 of 4

Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of...

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-9991

Medium priority

Some fixes available 1 of 4

Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a...

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-9990

Medium priority
Not affected

Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg
libav
Show less packages

CVE-2015-1207

Low priority
Ignored

Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file.

3 affected packages

chromium-browser, ffmpeg, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected
ffmpeg Not affected
oxide-qt Not in release
Show less packages

CVE-2017-9051

Medium priority
Vulnerable

libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-5051

Medium priority

Some fixes available 7 of 18

An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to...

3 affected packages

chromium-browser, ffmpeg, oxide-qt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
ffmpeg Ignored
oxide-qt Not in release
Show less packages
  1. Previous page
  2. 25
  3. 26
  4. 27
  5. 28
  6. 29
  7. Next page
Export to JSON