Search CVE reports

Toggle filters

61 – 70 of 332 results

CVE-2019-9717

Medium priority
Needs evaluation

In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.

3 affected packages

ffmpeg, qtwebengine-opensource-src, gst-libav1.0

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2019-17539

Medium priority

Some fixes available 1 of 4

In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.

2 affected packages

libav, ffmpeg

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
ffmpeg Not affected Not affected Not affected Fixed
Show less packages

CVE-2019-14443

Medium priority
Vulnerable

An issue was discovered in Libav 12.3. Division by zero in range_decode_culshift in libavcodec/apedec.c allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14442

Medium priority
Vulnerable

In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a...

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14441

Medium priority
Not affected

An issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. This is related to ff_mpa_synth_filter_float...

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14372

Medium priority
Vulnerable

In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14371

Medium priority
Vulnerable

An issue was discovered in Libav 12.3. There is an infinite loop in the function mov_probe in the file libavformat/mov.c, related to offset and tag.

1 affected package

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libav Not in release Not in release Not in release Not in release
Show less packages

CVE-2018-9841

Medium priority

Some fixes available 1 of 2

The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Fixed
libav Not in release
Show less packages

CVE-2018-7751

Medium priority

Some fixes available 1 of 40

The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.

7 affected packages

gst-libav1.0, mplayer, mythtv, oxide-qt, libav...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation
mplayer Not affected Not affected Not affected Not affected
mythtv Needs evaluation Needs evaluation Needs evaluation Needs evaluation
oxide-qt Not in release Not in release Not in release Not in release
libav Not in release Not in release Not in release Not in release
ffmpeg Not affected Not affected Not affected Fixed
vlc Not affected Not affected Not affected Not affected
Show all 7 packages Show less packages

CVE-2018-6912

Medium priority
Ignored

The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.

2 affected packages

ffmpeg, libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected
libav Not in release
Show less packages
  1. Previous page
  2. 5
  3. 6
  4. 7
  5. 8
  6. 9
  7. Next page
Export to JSON