CVE search results

141 – 150 of 349 results

Detailed view

Sort by:

CVE-2017-11719

Medium priority

Ignored

The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.

2 affected packages

libav, ffmpeg

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libav	—	—	—	—	Not in release
ffmpeg	—	—	—	—	Not affected

CVE-2017-11665

Medium priority

Some fixes available 1 of 3

The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.

2 affected packages

ffmpeg, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	—	Not affected
libav	—	—	—	—	Not in release

CVE-2017-11684

Medium priority

Vulnerable

There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of service via crafted input.

2 affected packages

ffmpeg, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
libav	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2017-9996

Medium priority

Some fixes available 1 of 4

The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not exclude the CHUNKY format, which allows...

2 affected packages

ffmpeg, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
libav	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2017-9995

Medium priority

Not affected

libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly...

2 affected packages

ffmpeg, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	—	—
libav	—	—	—	—	—

CVE-2017-9994

Medium priority

Some fixes available 1 of 4

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cause a denial of...

2 affected packages

libav, ffmpeg

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libav	Not in release	Not in release	Not in release	Not in release	Not in release
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2017-9993

Medium priority

Some fixes available 1 of 4

FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files...

2 affected packages

libav, ffmpeg

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libav	Not in release	Not in release	Not in release	Not in release	Not in release
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2017-9992

Medium priority

Some fixes available 1 of 4

Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of...

2 affected packages

ffmpeg, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
libav	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2017-9991

Medium priority

Some fixes available 1 of 4

Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a...

2 affected packages

ffmpeg, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
libav	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2017-9990

Medium priority

Not affected

Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...

2 affected packages

ffmpeg, libav

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	—	—	—	—	—
libav	—	—	—	—	—

Export to JSON

Results by page:

Search CVE reports