Search CVE reports


Toggle filters

141 – 150 of 356 results


CVE-2015-1206

Medium priority

Some fixes available 7 of 17

Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file.

6 affected packages

chromium-browser, ffmpeg, gst-libav1.0, mythtv, oxide-qt, vlc

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Fixed
ffmpeg Not affected
gst-libav1.0 Not affected
mythtv Not affected
oxide-qt Not in release
vlc Not affected
Show less packages

CVE-2017-14767

Medium priority

Some fixes available 1 of 3

The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
libav Not in release
Show less packages

CVE-2017-14225

Low priority

Some fixes available 1 of 3

The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
libav Not in release
Show less packages

CVE-2017-14223

Low priority

Some fixes available 1 of 3

In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted ASF file, which claims a large "ict" field in the header but...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
libav Not in release
Show less packages

CVE-2017-14222

Low priority

Some fixes available 1 of 3

In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption. When a crafted MOV file, which claims a large "item_count" field in the header but...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
libav Not in release
Show less packages

CVE-2013-0870

Medium priority
Ignored

The 'vp3_decode_frame' function in FFmpeg 1.1.4 moves threads check out of header packet type check.

4 affected packages

ffmpeg, ffmpeg-extra, libav, libav-extra

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg
ffmpeg-extra
libav
libav-extra
Show less packages

CVE-2017-11719

Medium priority
Ignored

The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
libav Not in release
Show less packages

CVE-2017-11665

Medium priority

Some fixes available 1 of 3

The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
libav Not in release
Show less packages

CVE-2017-11684

Medium priority
Vulnerable

There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input.

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-9996

Medium priority

Some fixes available 1 of 4

The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not exclude the CHUNKY format, which allows...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release Not in release Not in release
Show less packages