Search CVE reports

Toggle filters

61 – 70 of 337 results

CVE-2020-18778

Medium priority
Vulnerable

In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_p_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-18776

Low priority
Vulnerable

In Libav 12.3, there is a segmentation fault in vc1_decode_b_mb_intfr in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2020-18775

Low priority
Vulnerable

In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_b_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-9720

Medium priority
Needs evaluation

A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf.

3 affected packages

gst-libav1.0, qtwebengine-opensource-src, ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ffmpeg Not affected Not affected Not affected Not affected
Show less packages

CVE-2019-9719

Medium priority
Ignored

A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties...

4 affected packages

gst-libav1.0, qtwebengine-opensource-src, vice, ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gst-libav1.0 Not affected Not affected Not affected Not affected
qtwebengine-opensource-src Not affected Not affected Not affected Not affected
vice Not affected Not affected Not affected Not affected
ffmpeg Not affected Not affected Not affected Not affected
Show less packages

CVE-2019-9717

Medium priority
Needs evaluation

In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.

3 affected packages

gst-libav1.0, qtwebengine-opensource-src, ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
ffmpeg Not affected Not affected Not affected Not affected
Show less packages

CVE-2019-17539

Medium priority

Some fixes available 1 of 4

In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Fixed
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14443

Medium priority
Vulnerable

An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14442

Medium priority
Vulnerable

In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a...

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14441

Medium priority
Not affected

An issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. This is related to ff_mpa_synth_filter_float...

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages
  1. Previous page
  2. 5
  3. 6
  4. 7
  5. 8
  6. 9
  7. Next page
Export to JSON