Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

31 – 40 of 297 results


CVE-2019-14442

Medium priority
Vulnerable

In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek infinite loop and hang, with 100% CPU consumption. Attackers could leverage this vulnerability to cause a denial of service via a...

1 affected packages

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14441

Medium priority
Not affected

** DISPUTED ** An issue was discovered in Libav 12.3. An access violation allows remote attackers to cause a denial of service (application crash), as demonstrated by avconv. This is related to ff_mpa_synth_filter_float...

1 affected packages

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14372

Medium priority
Vulnerable

In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c.

1 affected packages

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2019-14371

Medium priority
Vulnerable

An issue was discovered in Libav 12.3. There is an infinite loop in the function mov_probe in the file libavformat/mov.c, related to offset and tag.

1 affected packages

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2017-5984

Medium priority
Vulnerable

In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.

1 affected packages

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2018-20001

Low priority
Vulnerable

In Libav 12.3, there is a floating point exception in the range_decode_culshift function (called from range_decode_bits) in libavcodec/apedec.c that will lead to remote denial of service via crafted input.

1 affected packages

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2018-19130

Low priority
Not affected

** DISPUTED ** In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a duplicate of CVE-2017-17127.

1 affected packages

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2018-19129

Low priority
Vulnerable

In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ff_mpa_synth_filter_float in libavcodec/mpegaudiodsp_template.c can cause a segmentation fault (application crash) via a crafted mov file.

1 affected packages

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2018-19128

Low priority
Vulnerable

In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.

1 affected packages

libav

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libav Not in release Not in release Not in release Not in release Not in release
Show less packages

CVE-2018-18829

Medium priority
Needs evaluation

There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file.

5 affected packages

ffmpeg, gst-libav1.0, libav, qtwebengine-opensource-src, vlc

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
gst-libav1.0 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libav Not in release Not in release Not in release Not in release Not in release
qtwebengine-opensource-src Needs evaluation Needs evaluation Needs evaluation Needs evaluation Not in release
vlc Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages