Filtered by vendor Ffmpeg
Subscriptions
Total
489 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-14225 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in libavcodec/utils.c, leading to a NULL pointer dereference. (It is also conceivable that there is security relevance for a NULL pointer dereference in av_color_primaries_name calls within the ffprobe command-line program.) | ||||
| CVE-2017-14054 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted IVR file, which claims a large "len" field in the header but does not contain sufficient backing data, is provided, the first type==4 loop would consume huge CPU resources, since there is no EOF check inside the loop. | ||||
| CVE-2012-2805 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service. | ||||
| CVE-2017-11665 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream. | ||||
| CVE-2017-14059 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims a large "duration" field in the header but does not contain sufficient backing data, is provided, the image-offset parsing loop would consume huge CPU and memory resources, since there is no EOF check inside the loop. | ||||
| CVE-2017-15672 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2025-04-20 | N/A |
| The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read. | ||||
| CVE-2017-14171 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| In libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End of File) check might cause huge CPU consumption. When a crafted NSV file, which claims a large "table_entries_used" field in the header but does not contain sufficient backing data, is provided, the loop over 'table_entries_used' would consume huge CPU resources, since there is no EOF check inside the loop. | ||||
| CVE-2017-14767 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp file. | ||||
| CVE-2016-10190 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response. | ||||
| CVE-2017-7859 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c. | ||||
| CVE-2012-5361 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file. | ||||
| CVE-2013-0870 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| The 'vp3_decode_frame' function in FFmpeg 1.1.4 moves threads check out of header packet type check. | ||||
| CVE-2012-2781 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2773, CVE-2012-2778, and CVE-2012-2780. | ||||
| CVE-2017-14058 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-20 | N/A |
| In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop). | ||||
| CVE-2014-125002 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2014-125003 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2014-125004 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2014-125005 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2014-125006 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2014-125007 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | ||||