Filtered by vendor Ffmpeg
Subscribe
Total
460 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-2782 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the decode_slice_header function in libavcodec/h264.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to a "rejected resolution change." | |||||
| CVE-2010-4705 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 9.3 HIGH | N/A |
| Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: this might overlap CVE-2011-0480. | |||||
| CVE-2012-0849 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 4.3 MEDIUM | N/A |
| Integer overflow in the ff_j2k_dwt_init function in libavcodec/j2k_dwt.c in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted JPEG2000 image that triggers an incorrect check for a negative value. | |||||
| CVE-2012-2775 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large order and an "out of array write in quant_cof." | |||||
| CVE-2011-3937 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 10.0 HIGH | N/A |
| The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height changing with frame threads." | |||||
| CVE-2012-2792 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the decode_init function in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the samples per frame. | |||||
| CVE-2013-7022 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 6.8 MEDIUM | N/A |
| The g2m_init_buffers function in libavcodec/g2meet.c in FFmpeg before 2.1 does not properly allocate memory for tiles, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Go2Webinar data. | |||||
| CVE-2012-2777 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vulnerability than CVE-2012-2784. | |||||
| CVE-2010-3429 | 2 Ffmpeg, Mplayerhq | 3 Ffmpeg, Libavcodec, Mplayer | 2025-04-11 | 6.8 MEDIUM | N/A |
| flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability." | |||||
| CVE-2011-3362 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 6.8 MEDIUM | N/A |
| Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file. | |||||
| CVE-2011-3973 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 5.0 MEDIUM | N/A |
| cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. | |||||
| CVE-2013-0875 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 9.3 HIGH | N/A |
| The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via a crafted PNG image, related to an out-of-bounds array access. | |||||
| CVE-2013-0852 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 9.3 HIGH | N/A |
| The parse_picture_segment function in libavcodec/pgssubdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted RLE data, which triggers an out-of-bounds array access. | |||||
| CVE-2011-3940 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 6.8 MEDIUM | N/A |
| nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams." | |||||
| CVE-2013-0873 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 10.0 HIGH | N/A |
| The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses." | |||||
| CVE-2009-4640 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 4.3 MEDIUM | N/A |
| Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read. | |||||
| CVE-2012-2798 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write." | |||||
| CVE-2013-7015 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 6.8 MEDIUM | N/A |
| The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Flash Screen Video data. | |||||
| CVE-2013-0866 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | 9.3 HIGH | N/A |
| The aac_decode_init function in libavcodec/aacdec.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an unspecified impact via a large number of channels in an AAC file, which triggers an out-of-bounds array access. | |||||
| CVE-2012-2787 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the decode_frame function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height." | |||||