Lucene search

K

Libav Security Vulnerabilities

cve
cve

CVE-2019-9719

A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a...

8.8CVSS

8.7AI Score

0.006EPSS

2019-09-19 09:15 PM
116
cve
cve

CVE-2019-14441

An issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. This is related to ff_mpa_synth_filter_float in avcodec/mpegaudiodsp_template.c. NOTE: This may be a duplicate of...

6.5CVSS

6.3AI Score

0.001EPSS

2019-07-30 01:15 PM
30
cve
cve

CVE-2018-19130

In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of...

6.5CVSS

6.3AI Score

0.005EPSS

2018-11-09 11:29 AM
36
cve
cve

CVE-2016-7393

Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted...

5.5CVSS

5.5AI Score

0.005EPSS

2017-02-15 09:59 PM
27
cve
cve

CVE-2016-7499

The sbr_make_f_master function in aacsbr.c in Libav 11.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted mp3...

5.5CVSS

5.3AI Score

0.004EPSS

2017-02-15 09:59 PM
16
cve
cve

CVE-2016-6832

Heap-based buffer overflow in the ff_audio_resample function in resample.c in libav before 11.4 allows remote attackers to cause a denial of service (crash) via vectors related to buffer...

5.5CVSS

5.6AI Score

0.004EPSS

2017-02-15 07:59 PM
21
cve
cve

CVE-2014-3984

Multiple unspecified vulnerabilities in Libav before 0.8.12 allow remote attackers to have unknown impact and...

6.9AI Score

0.016EPSS

2014-06-06 02:55 PM
22
cve
cve

CVE-2012-0947

Heap-based buffer overflow in the vqa_decode_chunk function in the VQA codec (vqavideo.c) in libavcodec in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a....

9.6AI Score

0.044EPSS

2012-08-20 06:55 PM
46
cve
cve

CVE-2012-2793

Unspecified vulnerability in the lag_decode_zero_run_line function in libavcodec/lagarith.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors related to "too many...

9AI Score

0.006EPSS

2012-09-10 10:55 PM
31
cve
cve

CVE-2012-2794

Unspecified vulnerability in the decode_mb_info function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "allocated tile size ... mismatches...

9.1AI Score

0.006EPSS

2012-09-10 10:55 PM
25
cve
cve

CVE-2012-2787

Unspecified vulnerability in the decode_frame function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup...

9.2AI Score

0.005EPSS

2012-09-10 10:55 PM
28
cve
cve

CVE-2012-2783

Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to "freeing the returned...

9.2AI Score

0.006EPSS

2012-09-10 10:55 PM
36
cve
cve

CVE-2012-2784

Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vulnerability than...

9.1AI Score

0.006EPSS

2012-09-10 10:55 PM
42
cve
cve

CVE-2012-2775

Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large order and an "out of array write in...

9.2AI Score

0.006EPSS

2012-09-10 10:55 PM
32
cve
cve

CVE-2012-2772

Unspecified vulnerability in the ff_rv34_decode_frame function in libavcodec/rv34.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing with frame...

9.2AI Score

0.006EPSS

2012-09-10 10:55 PM
34
cve
cve

CVE-2012-0853

The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in libavcodec in FFmpeg 0.7.x before 0.7.12, and 0.8.x before 0.8.11; and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (infinite...

7.5AI Score

0.021EPSS

2012-08-20 06:55 PM
31
cve
cve

CVE-2011-3940

nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (out-of-bounds read and write) via a crafted NSV file that triggers...

8.7AI Score

0.021EPSS

2012-08-20 06:55 PM
41
cve
cve

CVE-2011-3929

The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application...

9.3AI Score

0.024EPSS

2012-08-20 06:55 PM
41
cve
cve

CVE-2016-7424

The put_no_rnd_pixels8_xy2_mmx function in x86/rnd_template.c in libav 11.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted MP3...

5.5CVSS

5.1AI Score

0.011EPSS

2016-10-07 02:59 PM
44
cve
cve

CVE-2012-2796

Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice positions and interlacing" that trigger "out of array...

9.2AI Score

0.005EPSS

2012-09-10 10:55 PM
25
cve
cve

CVE-2012-2790

Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first sub-block in BGMC...

9.2AI Score

0.006EPSS

2012-09-10 10:55 PM
24
cve
cve

CVE-2012-2786

Unspecified vulnerability in the decode_wdlt function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array...

9.2AI Score

0.006EPSS

2012-09-10 10:55 PM
28
cve
cve

CVE-2012-2779

Unspecified vulnerability in the decode_frame function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an invalid "gop header" and decoding in a "half initialized...

9.1AI Score

0.006EPSS

2012-09-10 10:55 PM
37
cve
cve

CVE-2012-2777

Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to "width/height changing in CAVS," a different vulnerability than...

9.1AI Score

0.006EPSS

2012-09-10 10:55 PM
40
cve
cve

CVE-2012-0851

The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary...

7.5AI Score

0.022EPSS

2012-08-20 06:55 PM
38
cve
cve

CVE-2012-2802

Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array...

9.2AI Score

0.006EPSS

2012-09-10 10:55 PM
24
cve
cve

CVE-2012-2803

Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impact and attack vectors, related to resetting the data size...

9.2AI Score

0.007EPSS

2012-09-10 10:55 PM
36
cve
cve

CVE-2012-2800

Unspecified vulnerability in the ff_ivi_process_empty_tile function in libavcodec/ivi_common.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "tile size ... mismatches parameters" and triggers "writing into a too small....

9.1AI Score

0.006EPSS

2012-09-10 10:55 PM
27
cve
cve

CVE-2012-2798

Unspecified vulnerability in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array...

9.2AI Score

0.006EPSS

2012-09-10 10:55 PM
30
cve
cve

CVE-2012-2789

Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to a large number of vector coded coefficients...

9.1AI Score

0.006EPSS

2012-09-10 10:55 PM
23
cve
cve

CVE-2012-2788

Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an "out of array read" when a "packet is...

9.1AI Score

0.006EPSS

2012-09-10 10:55 PM
43
cve
cve

CVE-2011-4364

Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of service (crash) and possibly....

9.4AI Score

0.016EPSS

2022-10-03 04:15 PM
42
cve
cve

CVE-2011-3945

The decode_frame function in the KVG1 decoder (kgv1dec.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly.....

9.3AI Score

0.013EPSS

2022-10-03 04:15 PM
28
cve
cve

CVE-2011-3362

Integer signedness error in the decode_residual_block function in cavsdec.c in libavcodec in FFmpeg before 0.7.3 and 0.8.x before 0.8.2, and libav through 0.7.1, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a.....

9.6AI Score

0.015EPSS

2022-10-03 04:15 PM
36
cve
cve

CVE-2014-5271

Heap-based buffer overflow in the encode_slice function in libavcodec/proresenc_kostya.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.x before 2.2.7, and 2.3.x before 2.3.3 and Libav before 10.5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via...

9.1AI Score

0.042EPSS

2014-11-03 04:55 PM
21
cve
cve

CVE-2012-0858

The Shorten codec (shorten.c) in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (application crash) and possibly execute...

7.5AI Score

0.015EPSS

2022-10-03 04:15 PM
40
cve
cve

CVE-2012-0852

The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an ADPCM.....

7.6AI Score

0.022EPSS

2012-08-20 06:55 PM
34
cve
cve

CVE-2011-4352

Integer overflow in the vp3_dequant function in the VP3 decoder (vp3.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial.....

9.6AI Score

0.024EPSS

2022-10-03 04:15 PM
31
cve
cve

CVE-2011-3952

The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large palette...

9.4AI Score

0.013EPSS

2022-10-03 04:15 PM
40
cve
cve

CVE-2011-3951

The dpcm_decode_frame function in dpcm.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.6, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted...

9.3AI Score

0.013EPSS

2022-10-03 04:15 PM
41
cve
cve

CVE-2011-3936

The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a...

8.6AI Score

0.01EPSS

2012-08-20 06:55 PM
46
cve
cve

CVE-2012-2804

Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and...

9.2AI Score

0.004EPSS

2012-09-10 10:55 PM
23
4
cve
cve

CVE-2012-2801

Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to dimensions and "out of array...

9.2AI Score

0.006EPSS

2012-09-10 10:55 PM
35
cve
cve

CVE-2012-2797

Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors related to a calculation that prevents a frame from being "large...

9AI Score

0.004EPSS

2012-09-10 10:55 PM
33
cve
cve

CVE-2012-2791

Multiple unspecified vulnerabilities in the (1) decode_band_hdr function in indeo4.c and (2) ff_ivi_decode_blocks function in ivi_common.c in libavcodec/ in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, have unknown impact and attack vectors, related to the "transform...

9.4AI Score

0.005EPSS

2012-09-10 10:55 PM
30
cve
cve

CVE-2012-2776

Unspecified vulnerability in the decode_cell_data function in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to an "out of picture...

9.2AI Score

0.005EPSS

2012-09-10 10:55 PM
27
cve
cve

CVE-2011-4579

The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.4, and 0.7.x before 0.7.3 allows remote attackers to cause a denial of...

6.2AI Score

0.006EPSS

2022-10-03 04:15 PM
37
cve
cve

CVE-2011-3947

Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via.....

9.4AI Score

0.022EPSS

2012-08-20 06:55 PM
40
cve
cve

CVE-2011-3937

The H.263 codec (libavcodec/h263dec.c) in FFmpeg 0.7.x before 0.7.12, 0.8.x before 0.8.11, and unspecified versions before 0.10, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.7.5, and 0.8.x before 0.8.1 has unspecified impact and attack vectors related to "width/height...

9.1AI Score

0.002EPSS

2013-01-05 12:55 AM
38
cve
cve

CVE-2015-5479

The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with crafted...

6.5CVSS

6.2AI Score

0.013EPSS

2016-04-19 02:59 PM
34
Total number of security vulnerabilities105