Search CVE reports

Toggle filters

111 – 120 of 332 results

CVE-2017-17130

Medium priority
Not affected

The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a...

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release
Show less packages

CVE-2017-17129

Medium priority
Not affected

The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release
Show less packages

CVE-2017-17128

Low priority
Vulnerable

The h264_slice_init function in libavcodec/h264_slice.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted file.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-17127

Low priority
Vulnerable

The vc1_decode_frame function in libavcodec/vc1dec.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-17081

Low priority

Some fixes available 1 of 28

The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedness error and out-of-array read)...

6 affected packages

chromium-browser, ffmpeg, qtwebengine-opensource-src, gst-libav1.0, oxide-qt, vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected Not in release Not affected
ffmpeg Not affected Not affected Not affected Not affected
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gst-libav1.0 Not affected Not affected Not affected Not affected
oxide-qt Not in release Not in release Not in release Not in release
vlc Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-16803

Medium priority
Vulnerable

In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of...

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-15672

Low priority

Some fixes available 1 of 4

The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read.

2 affected packages

libav, ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
ffmpeg Not affected Not affected Not affected Not affected
Show less packages

CVE-2015-1206

Medium priority

Some fixes available 7 of 18

Heap-based buffer overflow in Google Chrome before M40 allows remote attackers to cause a denial of service (unpaged memory write and process crash) via a crafted MP4 file.

6 affected packages

ffmpeg, chromium-browser, gst-libav1.0, mythtv, oxide-qt, vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
chromium-browser Fixed
gst-libav1.0 Not affected
mythtv Not affected
oxide-qt Not in release
vlc Not affected
Show less packages

CVE-2017-14767

Medium priority

Some fixes available 1 of 3

The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or...

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
libav Not in release
Show less packages

CVE-2017-14225

Low priority

Some fixes available 1 of 3

The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in...

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
libav Not in release
Show less packages
  1. Previous page
  2. 10
  3. 11
  4. 12
  5. 13
  6. 14
  7. Next page
Export to JSON