Total
481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-7019 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 6.8 MEDIUM | N/A |
| The get_cox function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not properly validate the reduction factor, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2009-4639 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 4.3 MEDIUM | N/A |
| The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI file that triggers a divide-by-zero error. | |||||
| CVE-2013-0861 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 5.0 MEDIUM | N/A |
| The avcodec_decode_audio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout. | |||||
| CVE-2013-7010 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 6.8 MEDIUM | N/A |
| Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. | |||||
| CVE-2013-3675 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 4.3 MEDIUM | N/A |
| The process_frame_obj function in sanm.c in libavcodec in FFmpeg before 1.2.1 does not validate width and height values, which allows remote attackers to cause a denial of service (integer overflow, out-of-bounds array access, and application crash) via crafted LucasArts Smush video data. | |||||
| CVE-2013-4263 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 7.5 HIGH | N/A |
| libavfilter in FFmpeg before 2.0.1 has unspecified impact and remote vectors related to a crafted "plane," which triggers an out-of-bounds heap write. | |||||
| CVE-2012-2800 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the ff_ivi_process_empty_tile function in libavcodec/ivi_common.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors in which the "tile size ... mismatches parameters" and triggers "writing into a too small array." | |||||
| CVE-2013-7023 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 6.8 MEDIUM | N/A |
| The ff_combine_frame function in libavcodec/parser.c in FFmpeg before 2.1 does not properly handle certain memory-allocation errors, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. | |||||
| CVE-2012-2776 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the decode_cell_data function in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to an "out of picture write." | |||||
| CVE-2013-0856 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 9.3 HIGH | N/A |
| The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Apple Lossless Audio Codec (ALAC) data, related to a large nb_samples value. | |||||
| CVE-2013-7012 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 6.8 MEDIUM | N/A |
| The get_siz function in libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not prevent attempts to use non-zero image offsets, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG2000 data. | |||||
| CVE-2013-0878 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 9.3 HIGH | N/A |
| The advance_line function in libavcodec/targa.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted Targa image data, related to an out-of-bounds array access. | |||||
| CVE-2011-4351 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 7.5 HIGH | N/A |
| Buffer overflow in FFmpeg before 0.5.6, 0.6.x before 0.6.4, 0.7.x before 0.7.8, and 0.8.x before 0.8.8 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2009-4635 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 9.3 HIGH | N/A |
| FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, leading to processing of a video-structure pointer by the mp3 decoder, and a stack-based buffer overflow. | |||||
| CVE-2012-2802 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the ac3_decode_frame function in libavcodec/ac3dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "number of output channels" and "out of array writes." | |||||
| CVE-2012-2804 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors, related to "reallocation code" and the luma height and width. | |||||
| CVE-2011-2161 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 4.3 MEDIUM | N/A |
| The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other products, allows remote attackers to cause a denial of service (application crash) via an APE (aka Monkey's Audio) file that contains a header but no frames. | |||||
| CVE-2012-2796 | 2 Ffmpeg, Libav | 2 Ffmpeg, Libav | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the vc1_decode_frame function in libavcodec/vc1dec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to inconsistencies in "coded slice positions and interlacing" that trigger "out of array writes." | |||||
| CVE-2009-4637 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 10.0 HIGH | N/A |
| FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow. | |||||
| CVE-2013-0851 | 1 Ffmpeg | 1 Ffmpeg | 2026-04-29 | 9.3 HIGH | N/A |
| The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access. | |||||