Filtered by vendor Ffmpeg
Subscriptions
Total
487 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4352 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VP3 stream, which triggers a buffer overflow. | ||||
| CVE-2011-4351 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2011-3974 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, a different vulnerability than CVE-2011-3362. | ||||
| CVE-2011-3973 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362. | ||||
| CVE-2011-3952 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette size in a KMVC encoded file. | ||||
| CVE-2011-3951 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted stereo stream in a media file. | ||||
| CVE-2011-3950 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The dirac_decode_data_unit function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via a crafted value in the reference pictures number. | ||||
| CVE-2011-3949 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The dirac_unpack_idwt_params function in libavcodec/diracdec.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Dirac data. | ||||
| CVE-2011-3947 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted MJPEG-B file. | ||||
| CVE-2011-3946 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Supplemental enhancement information (SEI) data, which triggers an infinite loop. | ||||
| CVE-2011-3944 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The smacker_decode_header_tree function in libavcodec/smacker.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted Smacker data. | ||||
| CVE-2011-3940 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers "use of uninitialized streams." | ||||
| CVE-2011-3936 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DV file. | ||||
| CVE-2011-3935 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The codec_get_buffer function in ffmpeg.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vectors related to a crafted image size. | ||||
| CVE-2011-3934 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| Double free vulnerability in the vp3_update_thread_context function in libavcodec/vp3.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via crafted vp3 data. | ||||
| CVE-2011-3929 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly execute arbitrary code via a crafted DV file. | ||||
| CVE-2012-2804 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2025-04-11 | N/A |
| Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width. | ||||
| CVE-2011-3504 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-11 | N/A |
| The Matroska format decoder in FFmpeg before 0.8.3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. | ||||
| CVE-2011-1931 | 3 Ffmpeg, Libav, Videolan | 4 Ffmpeg, Libavcodec, Libav and 1 more | 2025-04-11 | N/A |
| sp5xdec.c in the Sunplus SP5X JPEG decoder in libavcodec in FFmpeg before 0.6.3 and libav through 0.6.2, as used in VideoLAN VLC media player 1.1.9 and earlier and other products, performs a write operation outside the bounds of an unspecified array, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a malformed AMV file. | ||||
| CVE-2011-2162 | 3 Ffmpeg, Mandriva, Mplayerhq | 5 Ffmpeg, Corporate Server, Enterprise Server and 2 more | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers." | ||||