| Max CVSS | 7.5 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-9317 | 7.5 |
The decode_ihdr_chunk function in libavcodec/pngdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers to cause a denial of service (out-of-bounds heap access) and possibly have other unspecified impact via
|
21-12-2018 - 11:29 | 09-12-2014 - 23:59 | |
| CVE-2015-6820 | 7.5 |
The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which allows remote attackers to cause a denial of service (
|
21-12-2018 - 11:29 | 06-09-2015 - 02:59 | |
| CVE-2015-8217 | 7.5 |
The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other im
|
21-12-2018 - 11:29 | 17-11-2015 - 01:59 | |
| CVE-2015-6822 | 7.5 |
The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7.2 does not properly maintain height and width values in the video context, which allows remote attackers to cause a denial of service (segmentation violation and application crash
|
21-12-2018 - 11:29 | 06-09-2015 - 02:59 | |
| CVE-2015-8364 | 6.8 |
Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspe
|
21-12-2018 - 11:29 | 26-11-2015 - 17:59 | |
| CVE-2015-6826 | 7.5 |
The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified o
|
21-12-2018 - 11:29 | 06-09-2015 - 02:59 | |
| CVE-2015-6825 | 7.5 |
The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified oth
|
21-12-2018 - 11:29 | 06-09-2015 - 02:59 | |
| CVE-2015-8216 | 7.5 |
The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impac
|
21-12-2018 - 11:29 | 17-11-2015 - 01:59 | |
| CVE-2015-6821 | 7.5 |
The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other i
|
21-12-2018 - 11:29 | 06-09-2015 - 02:59 | |
| CVE-2015-8661 | 7.5 |
The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds
|
21-12-2018 - 11:29 | 24-12-2015 - 01:59 | |
| CVE-2015-8663 | 7.5 |
The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impa
|
21-12-2018 - 11:29 | 24-12-2015 - 01:59 | |
| CVE-2015-6818 | 7.5 |
The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or p
|
21-12-2018 - 11:29 | 06-09-2015 - 02:59 | |
| CVE-2015-8363 | 6.8 |
The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denia
|
21-12-2018 - 11:29 | 26-11-2015 - 17:59 | |
| CVE-2015-6761 | 6.8 |
The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products, relies on a coefficient-partition count during multi-threaded operation, which allows remote attackers to cau
|
21-12-2018 - 11:29 | 15-10-2015 - 10:59 | |
| CVE-2015-8662 | 7.5 |
The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service
|
21-12-2018 - 11:29 | 24-12-2015 - 01:59 | |
| CVE-2016-10191 | 7.5 |
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatch
|
21-12-2018 - 11:29 | 09-02-2017 - 15:59 | |
| CVE-2016-10190 | 7.5 |
Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.
|
21-12-2018 - 11:29 | 09-02-2017 - 15:59 |