Search CVE reports

Toggle filters

91 – 100 of 332 results

CVE-2018-13301

Low priority
Needs evaluation

In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to...

9 affected packages

chromium-browser, libav, gstreamer0.10-ffmpeg, vlc, gst-libav1.0...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Ignored Ignored Not in release Ignored
libav Not in release Not in release Not in release Not in release
gstreamer0.10-ffmpeg Not in release Not in release Not in release Not in release
vlc Not affected Not affected Not affected Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
mythtv Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ffmpeg Not affected Not affected Not affected Not affected
mplayer Not affected Not affected Not affected Not affected
oxide-qt Not in release Not in release Not in release Not in release
Show all 9 packages Show less packages

CVE-2018-13300

Medium priority

Some fixes available 15 of 81

In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI...

10 affected packages

chromium-browser, ffmpeg, gstreamer0.10-ffmpeg, mplayer, vlc...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Ignored Ignored Not in release Ignored
ffmpeg Fixed Fixed Fixed Fixed
gstreamer0.10-ffmpeg Not in release Not in release Not in release Not in release
mplayer Not affected Not affected Not affected Not affected
vlc Not affected Not affected Not affected Not affected
kino Not in release Needs evaluation Needs evaluation Needs evaluation
mythtv Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
oxide-qt Not in release Not in release Not in release Not in release
Show all 10 packages Show less packages

CVE-2018-11224

Low priority
Vulnerable

An issue was discovered in Libav 12.3. A read access violation in the in_table_init16 function in libavcodec/aacsbr.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2018-11102

Low priority
Vulnerable

An issue was discovered in Libav 12.3. A read access violation in the mov_probe function in libavformat/mov.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2018-7751

Medium priority

Some fixes available 1 of 40

The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.

7 affected packages

gst-libav1.0, mythtv, ffmpeg, libav, mplayer...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
mythtv Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ffmpeg Not affected Not affected Not affected Fixed
libav Not in release Not in release Not in release Not in release
mplayer Not affected Not affected Not affected Not affected
oxide-qt Not in release Not in release Not in release Not in release
vlc Not affected Not affected Not affected Not affected
Show all 7 packages Show less packages

CVE-2018-10001

Low priority

Some fixes available 1 of 2

The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Fixed
libav Not in release
Show less packages

CVE-2018-9841

Medium priority

Some fixes available 1 of 2

The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Fixed
libav Not in release
Show less packages

CVE-2017-18247

Medium priority
Not affected

The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release
Show less packages

CVE-2017-18246

Medium priority
Vulnerable

The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-18245

Medium priority
Vulnerable

The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages
  1. Previous page
  2. 8
  3. 9
  4. 10
  5. 11
  6. 12
  7. Next page
Export to JSON