Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg ffmpeg 3.3 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2017-9995
libavcodec/scpr.c in FFmpeg 3.3 prior to 3.3.1 does not properly validate height and width data, which allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Ffmpeg Ffmpeg 3.3
605
VMScore
CVE-2017-9991
Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) ...
Ffmpeg Ffmpeg 3.2.4
Ffmpeg Ffmpeg 3.1.6
Ffmpeg Ffmpeg 3.1.7
Ffmpeg Ffmpeg 3.0.5
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0.4
Ffmpeg Ffmpeg 3.3
Ffmpeg Ffmpeg 3.2.3
Ffmpeg Ffmpeg 3.0.6
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.2.2
Ffmpeg Ffmpeg 3.0.7
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.1
605
VMScore
CVE-2017-9996
The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 does not exclude the CHUNKY format, which allows remote malicious users to cause a denial of service (he...
Ffmpeg Ffmpeg 2.8.3
Ffmpeg Ffmpeg 2.8.4
Ffmpeg Ffmpeg 2.8.5
Ffmpeg Ffmpeg 2.8.6
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.6
Ffmpeg Ffmpeg 3.1.7
Ffmpeg Ffmpeg 3.0.5
Ffmpeg Ffmpeg 3.0.6
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.2.2
Ffmpeg Ffmpeg 3.2.4
Ffmpeg Ffmpeg 3.0.7
Ffmpeg Ffmpeg 2.8.1
Ffmpeg Ffmpeg 2.8.8
Ffmpeg Ffmpeg 2.8.11
605
VMScore
CVE-2017-9990
Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Ffmpeg Ffmpeg
383
VMScore
CVE-2017-9608
The dnxhd decoder in FFmpeg prior to 3.2.6, and 3.3.x prior to 3.3.3 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted mov file.
Ffmpeg Ffmpeg
605
VMScore
CVE-2017-9992
Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) or possi...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
605
VMScore
CVE-2017-9994
libavcodec/webp.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 does not ensure that pix_fmt is set, which allows remote malicious users to cause a denial of service (heap-based buffer overflow and applicatio...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
447
VMScore
CVE-2017-9993
FFmpeg prior to 2.8.12, 3.0.x and 3.1.x prior to 3.1.9, 3.2.x prior to 3.2.6, and 3.3.x prior to 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows malicious users to read arbitrary files via crafted playlist data.
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7 Github repositories
828
VMScore
CVE-2009-0385
Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote malicious users to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference.
Ffmpeg Ffmpeg
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 7.10
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Fedoraproject Fedora 10
Fedoraproject Fedora 9
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started