ffmpeg ffmpeg vulnerabilities and exploits
9.8
CVSSv3
CVE-2024-22860
Integer overflow vulnerability in FFmpeg before n6.1 allows remote malicious users to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
Ffmpeg Ffmpeg
9.8
CVSSv3
CVE-2024-22862
Integer overflow vulnerability in FFmpeg before n6.1 allows remote malicious users to execute arbitrary code via the JPEG XL Parser.
Ffmpeg Ffmpeg
9.8
CVSSv3
CVE-2023-39018
FFmpeg 0.7.0 and below contains a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited by passing an unchecked argument. NOTE: this is disputed by multiple third parties because there are no realistic...
Bramp Ffmpeg-cli-wrapper
9.8
CVSSv3
CVE-2020-28435
This affects all versions of package ffmpeg-sdk. The injection point is located in line 9 in index.js.
Ffmpeg-sdk Project Ffmpeg-sdk
9.8
CVSSv3
CVE-2021-38171
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.
Ffmpeg Ffmpeg 4.4
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
2 Github repositories
9.8
CVSSv3
CVE-2020-12284
cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.
Ffmpeg Ffmpeg 4.1
Ffmpeg Ffmpeg 4.2.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2019-17539
In FFmpeg prior to 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
Ffmpeg Ffmpeg
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
9.8
CVSSv3
CVE-2019-17542
FFmpeg prior to 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2019-12730
aa_read_header in libavformat/aadec.c in FFmpeg prior to 3.2.14 and 4.x prior to 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables.
Ffmpeg Ffmpeg
2 Github repositories
9.8
CVSSv3
CVE-2018-1999010
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out-of-array access vulnerabilities in the mms protocol that can result in attackers accessing out-of-bounds data. This attack appears to be exploitable via network connectivity. This vulnerability appe...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0