ROS-20251110-01

FFmpeg multimedia library vulnerability is related to null pointer dereferencing error in HLS playlists parsing. when parsing HLS playlists. Exploitation of the vulnerability could allow an attacker acting remotely, cause a denial of service A vulnerability in the audioelementobu function of the...

EUVD-2014-3175

Malware in sbrugna...

UBUNTU-CVE-2024-36617

FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder...

UBUNTU-CVE-2024-31581

FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbsh266syntaxtemplate.c. This vulnerability allows attackers to cause undefined behavior within the application...

DEBIAN-CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

Debian DSA-3776-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2017-5006 Mariusz Mlynski discovered a cross-site scripting issue. - CVE-2017-5007 Mariusz Mlynski discovered another cross-site scripting issue. - CVE-2017-5008 Mariusz Mlynski discovered a third cross-site scripting...

UBUNTU-CVE-2017-5024

FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote attacker to potentially exploit heap corruption via a crafted video file...

Debian Security Advisory DSA 3731-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5181 A cross-site scripting issue was discovered. CVE-2016-5182 Giwan Go discovered a heap overflow issue. CVE-2016-5183 A use-after-free issue was discovered in the pdfium library. CVE-2016-5184 Another...

UBUNTU-CVE-2016-2327

libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted .avi file, related to the apngencodeframe and encodeapng...

Debian DSA-3376-1 : chromium-browser - security update

Several vulnerabilities have been discovered in the chromium web browser. - CVE-2015-1303 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the DOM implementation. - CVE-2015-1304 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the v8 JavaScript library. -...

Debian Security Advisory DSA 3376-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2015-1303 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the DOM implementation. CVE-2015-1304 Mariusz Mlynski discovered a way to bypass the Same Origin Policy in the v8 javascript library...

UBUNTU-CVE-2015-6825

The ffframethreadinit function in libavcodec/pthreadframe.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via a crafted file, as demonstrated by an A...

Heap overflow

Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpegvideodecoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that a...

CVE-2014-3157

Heap-based buffer overflow in the FFmpegVideoDecoder::GetVideoBuffer function in media/filters/ffmpegvideodecoder.cc in Google Chrome before 35.0.1916.153 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging VideoFrame data structures that a...

GLSA-200603-03 : MPlayer: Multiple integer overflows

The remote host is affected by the vulnerability described in GLSA-200603-03 MPlayer: Multiple integer overflows MPlayer makes use of the FFmpeg library, which is vulnerable to a heap overflow in the avcodecdefaultgetbuffer function discovered by Simon Kilvington see GLSA 200601-06. Furthermore,...

USN-230-2: ffmpeg/xine-lib vulnerability

USN-230-1 fixed a vulnerability in the ffmpeg library. The Xine library contains a copy of the ffmpeg code, thus it is vulnerable to the same flaw. For reference, this is the original advisory: Simon Kilvington discovered a buffer overflow in the avcodecdefaultgetbuffer function of the ffmpeg...