Search Results (499 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-0857 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Multiple buffer overflows in the get_qcx function in the J2K decoder (j2kdec.c) in libavcode in FFmpeg before 0.9.1 allow remote attackers to cause a denial of service (application crash) via unspecified vectors.
CVE-2009-4632 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read.
CVE-2009-4631 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption.
CVE-2011-3929 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly execute arbitrary code via a crafted DV file.
CVE-2011-3940 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams."
CVE-2011-3944 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data.
CVE-2012-2775 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large order and an "out of array write in quant_cof."
CVE-2012-2782 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Unspecified vulnerability in the decode_slice_header function in libavcodec/h264.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to a "rejected resolution change."
CVE-2012-2788 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is shrunk."
CVE-2012-2796 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice positions and interlacing" that trigger "out of array writes."
CVE-2012-2797 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors related to a calculation that prevents a frame from being "large enough."
CVE-2012-2798 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array write."
CVE-2012-2799 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Unspecified vulnerability in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to the "put bit buffer when num_saved_bits is reset."
CVE-2012-2804 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width.
CVE-2011-4579 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (memory corruption) via a crafted SVQ1 stream, related to "dimensions changed."
CVE-2013-7009 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Apple RPZA data.
CVE-2009-4636 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop.
CVE-2009-4638 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
CVE-2009-4640 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.
CVE-2013-4263 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote vectors related to a crafted "plane," which triggers an out-of-bounds heap write.