Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg libavcodec vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-12284
cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.
Ffmpeg Ffmpeg 4.1
Ffmpeg Ffmpeg 4.2.2
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2019-17539
In FFmpeg prior to 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
Ffmpeg Ffmpeg
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
9.8
CVSSv3
CVE-2019-17542
FFmpeg prior to 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
Ffmpeg Ffmpeg
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
9.8
CVSSv3
CVE-2017-16840
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote malicious users to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c.
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.4
Debian Debian Linux 9.0
1 Github repository
9.8
CVSSv3
CVE-2017-7859
FFmpeg prior to 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.
Ffmpeg Ffmpeg
9.8
CVSSv3
CVE-2017-7862
FFmpeg prior to 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c.
Ffmpeg Ffmpeg
9.8
CVSSv3
CVE-2017-7863
FFmpeg prior to 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c.
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2017-7865
FFmpeg prior to 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2017-7866
FFmpeg prior to 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.
Ffmpeg Ffmpeg
8.8
CVSSv3
CVE-2021-33815
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.
Ffmpeg Ffmpeg 4.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »