Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg ffmpeg 3.2 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2016-10191
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote malicious users to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.0.4
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0
1 Github repository
7.5
CVSSv2
CVE-2016-10192
Heap-based buffer overflow in ffserver.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote malicious users to execute arbitrary code by leveraging failure to check chunk size.
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.1.2
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.1
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.0.4
7.5
CVSSv2
CVE-2016-10190
Heap-based buffer overflow in libavformat/http.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.
Ffmpeg Ffmpeg 3.1
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.1.2
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.0.4
6.8
CVSSv2
CVE-2017-9992
Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) or possi...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
6.8
CVSSv2
CVE-2017-9991
Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) ...
Ffmpeg Ffmpeg 3.2.4
Ffmpeg Ffmpeg 3.1.6
Ffmpeg Ffmpeg 3.1.7
Ffmpeg Ffmpeg 3.0.5
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0.4
Ffmpeg Ffmpeg 3.3
Ffmpeg Ffmpeg 3.2.3
Ffmpeg Ffmpeg 3.0.6
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.2.2
Ffmpeg Ffmpeg 3.0.7
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.1
6.8
CVSSv2
CVE-2017-9996
The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 does not exclude the CHUNKY format, which allows remote malicious users to cause a denial of service (he...
Ffmpeg Ffmpeg 2.8.3
Ffmpeg Ffmpeg 2.8.4
Ffmpeg Ffmpeg 2.8.5
Ffmpeg Ffmpeg 2.8.6
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.6
Ffmpeg Ffmpeg 3.1.7
Ffmpeg Ffmpeg 3.0.5
Ffmpeg Ffmpeg 3.0.6
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.2.2
Ffmpeg Ffmpeg 3.2.4
Ffmpeg Ffmpeg 3.0.7
Ffmpeg Ffmpeg 2.8.1
Ffmpeg Ffmpeg 2.8.8
Ffmpeg Ffmpeg 2.8.11
6.8
CVSSv2
CVE-2017-9994
libavcodec/webp.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 does not ensure that pix_fmt is set, which allows remote malicious users to cause a denial of service (heap-based buffer overflow and applicatio...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
5.8
CVSSv2
CVE-2018-13300
In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and pos...
Ffmpeg Ffmpeg 4.0.1
Debian Debian Linux 9.0
5
CVSSv2
CVE-2017-9993
FFmpeg prior to 2.8.12, 3.0.x and 3.1.x prior to 3.1.9, 3.2.x prior to 3.2.6, and 3.3.x prior to 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows malicious users to read arbitrary files via crafted playlist data.
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7 Github repositories
4.3
CVSSv2
CVE-2019-9718
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows malicious users to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 4.1
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »