CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8661
https://notcve.org/view.php?id=CVE-2015-8661
24 Dec 2015 — The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted H.264 data. La función h264_slice_header_init en libavcodec/h264_slice.c en FFmpeg en versiones anteriores a la 2.8.3 no valida la relación entre el número de hilos y el número de fracciones, l... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4ea4d2f438c9a7eba37980c9a87be4b34943e4d5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8662
https://notcve.org/view.php?id=CVE-2015-8662
24 Dec 2015 — The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. La función ff_dwt_decode en libavcodec/jpeg2000dwt.c en FFmpeg en versiones anteriores a la 2.8.4 no valida el número de niveles de descomposición antes de procede... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=75422280fbcdfbe9dc56bde5525b4d8b280f1bc5 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8663
https://notcve.org/view.php?id=CVE-2015-8663
24 Dec 2015 — The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov file. La función ff_get_buffer en libavcodec/utils.c en FFmpeg en versiones anteriores a la 2.8.4 mantiene los valores de anchura y altura después de un fallo, lo que permite a atacantes remotos causar una denegación de servicio (acceso al ... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=abee0a1c60612e8638640a8a3738fffb65e16dbf • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2015-8363
https://notcve.org/view.php?id=CVE-2015-8363
26 Nov 2015 — The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via a crafted image with two or more of these markers. La función jpeg2000_read_main_headers en libavcodec/jpeg2000dec.c en FFmpeg en versiones anteriores a 2.6.5, 2.7.x en... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=44a7f17d0b20e6f8d836b2957e3e357b639f19a2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2015-8364 – Ubuntu Security Notice USN-2944-1
https://notcve.org/view.php?id=CVE-2015-8364
26 Nov 2015 — Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 allows remote attackers to cause a denial of service (out-of-bounds heap-memory access) or possibly have unspecified other impact via crafted image dimensions in Indeo Video Interactive data. Desbordamiento de entero en la función ff_ivi_init_planes en libavcodec/ivi.c en FFmpeg en versiones anteriores a 2.6.5, 2.7.x en versiones anteriores a 2.7.3 y 2.8.x hasta la vers... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=df91aa034b82b77a3c4e01791f4a2b2ff6c82066 • CWE-189: Numeric Errors •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2015-8365 – Debian Security Advisory 4012-1
https://notcve.org/view.php?id=CVE-2015-8365
26 Nov 2015 — The smka_decode_frame function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not verify that the data size is consistent with the number of channels, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted Smacker data. La función smka_decode_frame en libavcodec/smacker.c en FFmpeg en versiones anteriores a 2.6.5, 2.7.x en versiones anteriores a 2.7.3 y 2.8.x hasta la vers... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4a9af07a49295e014b059c1ab624c40345af5892 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8216
https://notcve.org/view.php?id=CVE-2015-8216
17 Nov 2015 — The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data. La función ljpeg_decode_yuv_scan en libavcodec/mjpegdec.c en FFmpeg en versiones anteriores a 2.8.2 omite cierta comprobación de anchura y altura, lo que permite a atacantes remotos causar una denegación de servicio (acceso fuera de ran... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d24888ef19ba38b787b11d1ee091a3d94920c76a • CWE-17: DEPRECATED: Code •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8217
https://notcve.org/view.php?id=CVE-2015-8217
17 Nov 2015 — The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted High Efficiency Video Coding (HEVC) data. La función ff_hevc_parse_sps en libavcodec/hevc_ps.c en FFmpeg en versiones anteriores a 2.8.2 no valida el Chroma Format Indicator, lo que permite a atacantes remotos causar una denegación de servicio (... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=93f30f825c08477fe8f76be00539e96014cc83c8 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8218
https://notcve.org/view.php?id=CVE-2015-8218
17 Nov 2015 — The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted CCITT FAX data. La función decode_uncompressed en libavcodec/faxcompr.c en FFmpeg en versiones anteriores a 2.8.2 no valida ejecuciones descomprimidas, lo que permite a atacantes remotos causar una denegación de servicio (acceso fuera de rango al array... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=d4a731b84a08f0f3839eaaaf82e97d8d9c67da46 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-8219
https://notcve.org/view.php?id=CVE-2015-8219
17 Nov 2015 — The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JPEG 2000 data. La función init_tile en libavcodec/jpeg2000dec.c en FFmpeg en versiones anteriores a 2.8.2 no hace cumplir las restricciones de valor mínimo y valor máximo en las coordenadas del recuadro, lo que pe... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=43492ff3ab68a343c1264801baa1d5a02de10167 • CWE-20: Improper Input Validation •