Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg ffmpeg 4.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2018-12458
An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.
Ffmpeg Ffmpeg 2.8
Ffmpeg Ffmpeg 4.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2018-14395
libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows malicious users to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format.
Debian Debian Linux 9.0
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 4.0
6.5
CVSSv3
CVE-2018-12459
An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.
Ffmpeg Ffmpeg 4.0
6.5
CVSSv3
CVE-2018-12460
libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c.
Ffmpeg Ffmpeg 4.0
NA
CVE-2011-2162
Multiple unspecified vulnerabilities in FFmpeg 0.4.x up to and including 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack ve...
Ffmpeg Ffmpeg 0.4.7
Mplayerhq Mplayer 1.0
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.4.4
Ffmpeg Ffmpeg 0.5.3
Ffmpeg Ffmpeg 0.5.2
Ffmpeg Ffmpeg 0.4.6
Ffmpeg Ffmpeg 0.4.3
Ffmpeg Ffmpeg 0.4.9
Ffmpeg Ffmpeg 0.5.1
Ffmpeg Ffmpeg 0.4.8
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.4.0
Ffmpeg Ffmpeg 0.6.1
Mandriva Linux 2009.0
Mandriva Linux 2010.1
Mandriva Enterprise Server 5
Mandriva Linux 2010.0
Mandriva Corporate Server 4.0
8.8
CVSSv3
CVE-2019-11339
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 prior to 4.0.4 and 4.1 prior to 4.1.2 allows remote malicious users to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
Ffmpeg Ffmpeg
NA
CVE-2009-0385
Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote malicious users to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.
Ffmpeg Ffmpeg
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Fedoraproject Fedora 10
Fedoraproject Fedora 9
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started