Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg ffmpeg 3.2 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-10191
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote malicious users to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.0.4
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0
1 Github repository
9.8
CVSSv3
CVE-2016-10192
Heap-based buffer overflow in ffserver.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote malicious users to execute arbitrary code by leveraging failure to check chunk size.
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.1.2
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.1
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.0.4
9.8
CVSSv3
CVE-2016-10190
Heap-based buffer overflow in libavformat/http.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.
Ffmpeg Ffmpeg 3.1
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.1.2
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.0.4
8.8
CVSSv3
CVE-2017-9992
Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) or possi...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
8.1
CVSSv3
CVE-2018-13300
In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and pos...
Ffmpeg Ffmpeg 4.0.1
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2017-9991
Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) ...
Ffmpeg Ffmpeg 3.2.4
Ffmpeg Ffmpeg 3.1.6
Ffmpeg Ffmpeg 3.1.7
Ffmpeg Ffmpeg 3.0.5
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0.4
Ffmpeg Ffmpeg 3.3
Ffmpeg Ffmpeg 3.2.3
Ffmpeg Ffmpeg 3.0.6
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.2.2
Ffmpeg Ffmpeg 3.0.7
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.1
7.8
CVSSv3
CVE-2017-9994
libavcodec/webp.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 does not ensure that pix_fmt is set, which allows remote malicious users to cause a denial of service (heap-based buffer overflow and applicatio...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-9996
The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 does not exclude the CHUNKY format, which allows remote malicious users to cause a denial of service (he...
Ffmpeg Ffmpeg 2.8.3
Ffmpeg Ffmpeg 2.8.4
Ffmpeg Ffmpeg 2.8.5
Ffmpeg Ffmpeg 2.8.6
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.6
Ffmpeg Ffmpeg 3.1.7
Ffmpeg Ffmpeg 3.0.5
Ffmpeg Ffmpeg 3.0.6
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.2.2
Ffmpeg Ffmpeg 3.2.4
Ffmpeg Ffmpeg 3.0.7
Ffmpeg Ffmpeg 2.8.1
Ffmpeg Ffmpeg 2.8.8
Ffmpeg Ffmpeg 2.8.11
7.5
CVSSv3
CVE-2017-9993
FFmpeg prior to 2.8.12, 3.0.x and 3.1.x prior to 3.1.9, 3.2.x prior to 3.2.6, and 3.3.x prior to 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows malicious users to read arbitrary files via crafted playlist data.
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7 Github repositories
6.5
CVSSv3
CVE-2019-9721
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows malicious users to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 4.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »