Search Results (500 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-2161 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (application crash) via an APE (aka Monkey's Audio) file that contains a header but no frames.
CVE-2011-3945 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted media file.
CVE-2012-0855 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Heap-based buffer overflow in the get_sot function in the J2K decoder (j2k.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of service (application crash) via unspecified vectors related to the curtileno variable.
CVE-2011-3362 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Chinese AVS video (aka CAVS) file.
CVE-2011-3944 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data.
CVE-2011-1931 3 Ffmpeg, Libav, Videolan 4 Ffmpeg, Libavcodec, Libav and 1 more 2025-04-11 N/A
sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file.
CVE-2011-0723 2 Ffmpeg, Mplayer 2 Ffmpeg, Mplayer 2025-04-11 N/A
FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a malformed VC-1 file.
CVE-2011-3941 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to an uninitialized block index, which triggers an out-of-bounds write.
CVE-2011-3940 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams."
CVE-2011-0722 2 Ffmpeg, Mplayerhq 2 Ffmpeg, Mplayer 2025-04-11 N/A
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a malformed RealMedia file.
CVE-2010-4705 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: this might overlap CVE-2011-0480.
CVE-2010-4704 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. NOTE: this might overlap CVE-2011-0480.
CVE-2010-3908 2 Ffmpeg, Mplayerhq 2 Ffmpeg, Mplayer 2025-04-11 N/A
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed WMV file.
CVE-2011-2162 3 Ffmpeg, Mandriva, Mplayerhq 5 Ffmpeg, Corporate Server, Enterprise Server and 2 more 2025-04-11 N/A
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers."
CVE-2012-2782 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Unspecified vulnerability in the decode_slice_header function in libavcodec/h264.c in FFmpeg before 0.11 has unknown impact and attack vectors, related to a "rejected resolution change."
CVE-2012-2785 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors, related to (1) "some subframes only encode some channels" or (2) a large order value.
CVE-2013-0878 1 Ffmpeg 1 Ffmpeg 2025-04-11 N/A
The advance_line function in libavcodec/targa.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted Targa image data, related to an out-of-bounds array access.
CVE-2012-2788 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is shrunk."
CVE-2012-2789 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large number of vector coded coefficients (num_vec_coeffs).
CVE-2012-2790 2 Ffmpeg, Libav 2 Ffmpeg, Libav 2025-04-11 N/A
Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first sub-block in BGMC mode."