CVE search results

101 – 106 of 106 results

Detailed view

Sort by:

CVE-2018-1999010

Medium priority

Some fixes available 1 of 54

FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable...

7 affected packages

chromium-browser, ffmpeg, gst-libav1.0, libav, oxide-qt...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Ignored	Ignored	Ignored	Not in release	Ignored
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libav	Not in release	Not in release	Not in release	Not in release	Not in release
oxide-qt	Not in release	Not in release	Not in release	Not in release	Not in release
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vlc	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2017-17081

Low priority

Some fixes available 1 of 29

The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedness error and out-of-array read)...

6 affected packages

chromium-browser, ffmpeg, gst-libav1.0, oxide-qt, qtwebengine-opensource-src, vlc

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	Not affected	Not in release	Not affected
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
gst-libav1.0	Not affected	Not affected	Not affected	Not affected	Not affected
oxide-qt	Not in release	Not in release	Not in release	Not in release	Not in release
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
vlc	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2012-6618

Low priority

Needs evaluation

The av_probe_input_buffer function in libavformat/utils.c in FFmpeg before 1.0.2, when running with certain -probesize values, allows remote attackers to cause a denial of service (crash) via a crafted MP3 file, possibly related...

3 affected packages

ffmpeg, libav, qtwebengine-opensource-src

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
libav	Not in release	Not in release	Not in release	Not in release	Not in release
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2012-6617

Medium priority

Needs evaluation

The prepare_sdp_description function in ffserver.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (crash) via vectors related to the rtp format.

9 affected packages

chromium-browser, ffmpeg, gst-libav1.0, gstreamer0.10-ffmpeg, kino...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	Not affected	Not in release	Not affected
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
gstreamer0.10-ffmpeg	Not in release	Not in release	Not in release	Not in release	Not in release
kino	Not in release	Not in release	Not affected	Not affected	Not affected
libav	Not in release	Not in release	Not in release	Not in release	Not in release
mythtv	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
oxide-qt	Not in release	Not in release	Not in release	Not in release	Not in release
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2012-6616

Medium priority

Needs evaluation

The mov_text_decode_frame function in libavcodec/movtextdec.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via crafted 3GPP TS 26.245 data.

7 affected packages

chromium-browser, ffmpeg, gst-libav1.0, libav, mythtv...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	Not affected	Not in release	Not affected
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libav	Not in release	Not in release	Not in release	Not in release	Not in release
mythtv	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
oxide-qt	Not in release	Not in release	Not in release	Not in release	Not in release
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2012-6615

Medium priority

Needs evaluation

The ff_ass_split_override_codes function in libavcodec/ass_split.c in FFmpeg before 1.0.2 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a subtitle dialog without text.

7 affected packages

chromium-browser, ffmpeg, gst-libav1.0, libav, mythtv...

Package	26.04 LTS	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	Not affected	Not in release	Not affected
ffmpeg	Not affected	Not affected	Not affected	Not affected	Not affected
gst-libav1.0	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
libav	Not in release	Not in release	Not in release	Not in release	Not in release
mythtv	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation
oxide-qt	Not in release	Not in release	Not in release	Not in release	Not in release
qtwebengine-opensource-src	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

Export to JSON

Results by page:

Search CVE reports