Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libav vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-1872
The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg prior to 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspec...
Canonical Ubuntu Linux 12.04
Ffmpeg Ffmpeg
6.8
CVSSv2
CVE-2015-3395
The msrle_decode_pal4 function in msrledec.c in Libav prior to 10.7 and 11.x prior to 11.4 and FFmpeg prior to 2.0.7, 2.2.x prior to 2.2.15, 2.4.x prior to 2.4.8, 2.5.x prior to 2.5.6, and 2.6.x prior to 2.6.2 allows remote malicious users to have unspecified impact via a crafted...
Canonical Ubuntu Linux 12.04
Ffmpeg Ffmpeg 2.2.12
Ffmpeg Ffmpeg 2.2.8
Ffmpeg Ffmpeg 2.4.4
Ffmpeg Ffmpeg 2.5.0
Ffmpeg Ffmpeg 2.4.1
Ffmpeg Ffmpeg 2.2.4
Ffmpeg Ffmpeg 2.2.6
Ffmpeg Ffmpeg 2.2.3
Ffmpeg Ffmpeg 2.4.6
Ffmpeg Ffmpeg 2.6.0
Ffmpeg Ffmpeg 2.5.4
Ffmpeg Ffmpeg 2.2.1
Ffmpeg Ffmpeg 2.4.3
Ffmpeg Ffmpeg 2.2.14
Ffmpeg Ffmpeg 2.5.5
Ffmpeg Ffmpeg 2.4.7
Ffmpeg Ffmpeg 2.4.2
Ffmpeg Ffmpeg 2.4.5
Ffmpeg Ffmpeg 2.2.9
Ffmpeg Ffmpeg 2.2.11
Ffmpeg Ffmpeg 2.5.3
6.8
CVSSv2
CVE-2015-3417
Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg prior to 2.3.6 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via crafted H.264 data in an MP4 file, as demonstrated by an HTML VI...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
7.5
CVSSv2
CVE-2014-9603
The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg prior to 2.5.2 does not validate the relationship between a certain length value and the frame width, which allows remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspecif...
Ffmpeg Ffmpeg
7.5
CVSSv2
CVE-2014-9604
libavcodec/utvideodec.c in FFmpeg prior to 2.5.2 does not check for a zero value of a slice height, which allows remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Ut Video data, related to the (1...
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 12.04
7.5
CVSSv2
CVE-2014-9316
The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg prior to 2.1.6, 2.2.x up to and including 2.3.x, and 2.4.x prior to 2.4.4 allows remote malicious users to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via vectors...
Ffmpeg Ffmpeg 2.3
Ffmpeg Ffmpeg 2.3.3
Ffmpeg Ffmpeg 2.2
Ffmpeg Ffmpeg 2.4.1
Ffmpeg Ffmpeg 2.2.4
Ffmpeg Ffmpeg 2.3.5
Ffmpeg Ffmpeg 2.4.3
Ffmpeg Ffmpeg 2.4.2
Ffmpeg Ffmpeg 2.3.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 2.3.4
Ffmpeg Ffmpeg 2.4
7.5
CVSSv2
CVE-2014-9318
The raw_decode function in libavcodec/rawdec.c in FFMpeg prior to 2.1.6, 2.2.x up to and including 2.3.x, and 2.4.x prior to 2.4.4 allows remote malicious users to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via a crafted .cine...
Ffmpeg Ffmpeg 2.3
Ffmpeg Ffmpeg 2.3.3
Ffmpeg Ffmpeg 2.2
Ffmpeg Ffmpeg 2.4.1
Ffmpeg Ffmpeg 2.2.4
Ffmpeg Ffmpeg 2.3.5
Ffmpeg Ffmpeg 2.4.3
Ffmpeg Ffmpeg 2.4.2
Ffmpeg Ffmpeg 2.3.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 2.3.4
Ffmpeg Ffmpeg 2.4
5
CVSSv2
CVE-2014-9319
The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg prior to 2.1.6, 2.2.x up to and including 2.3.x, and 2.4.x prior to 2.4.4 allows remote malicious users to cause a denial of service (out-of-bounds access) via a crafted .bit file.
Ffmpeg Ffmpeg 2.3
Ffmpeg Ffmpeg 2.3.3
Ffmpeg Ffmpeg 2.2
Ffmpeg Ffmpeg 2.4.1
Ffmpeg Ffmpeg 2.2.4
Ffmpeg Ffmpeg 2.3.5
Ffmpeg Ffmpeg 2.4.3
Ffmpeg Ffmpeg 2.4.2
Ffmpeg Ffmpeg 2.3.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 2.3.4
Ffmpeg Ffmpeg 2.4
7.5
CVSSv2
CVE-2014-8545
libavcodec/pngdec.c in FFmpeg prior to 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which allows remote malicious users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted PNG...
Ffmpeg Ffmpeg 0.7.7
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 1.2.5
Ffmpeg Ffmpeg 2.3
Ffmpeg Ffmpeg 0.11.4
Ffmpeg Ffmpeg 0.7.6
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.10.3
Ffmpeg Ffmpeg 2.3.3
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 2.2
Ffmpeg Ffmpeg 0.11.2
Ffmpeg Ffmpeg 0.8.6
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 1.1.10
Ffmpeg Ffmpeg 2.0.4
Ffmpeg Ffmpeg 2.2.4
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.7.5
Ffmpeg Ffmpeg 1.1.2
Ffmpeg Ffmpeg 1.2.6
7.5
CVSSv2
CVE-2014-8542
libavcodec/utils.c in FFmpeg prior to 2.4.2 omits a certain codec ID during enforcement of alignment, which allows remote malicious users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via crafted JV data.
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 12.04
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »