Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg ffmpeg 4.1 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2020-12284
cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.
Ffmpeg Ffmpeg 4.1
Ffmpeg Ffmpeg 4.2.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
605
VMScore
CVE-2019-11339
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 prior to 4.0.4 and 4.1 prior to 4.1.2 allows remote malicious users to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
Ffmpeg Ffmpeg
445
VMScore
CVE-2020-21041
Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service
Ffmpeg Ffmpeg 4.1
Debian Debian Linux 9.0
Debian Debian Linux 10.0
383
VMScore
CVE-2019-9721
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows malicious users to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 4.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
383
VMScore
CVE-2019-9718
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows malicious users to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 4.1
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
383
VMScore
CVE-2019-1000016
FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be provided as input. This vulnerability appears to ha...
Ffmpeg Ffmpeg 4.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654
CVE-2023-49606
encryption
NULL pointer dereference
CVE-2024-4439
CVE-2024-4649
race condition
CVE-2024-27202
CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started