Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libavcodec vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-14225
The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in libavcodec/utils.c, leading to a NULL pointer dere...
Ffmpeg Ffmpeg 3.3.3
4.3
CVSSv2
CVE-2018-12460
libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c.
Ffmpeg Ffmpeg 4.0
10
CVSSv2
CVE-2012-2795
Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg prior to 0.11 have unknown impact and attack vectors related to (1) size of "mclms arrays," (2) "a get_bits(0) in decode_ac_filter," and (3) "too many bits in decode_channel_res...
Ffmpeg Ffmpeg 0.7.7
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 0.7.6
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.10.3
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.8.6
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.7.5
Ffmpeg Ffmpeg 0.5.4.6
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.9.1
Ffmpeg Ffmpeg 0.8.5.4
Ffmpeg Ffmpeg 0.8.5.3
Ffmpeg Ffmpeg 0.5.1
Ffmpeg Ffmpeg 0.8.5
Ffmpeg Ffmpeg 0.9
NA
CVE-2023-47470
Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote malicious user to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/ev...
Ffmpeg Ffmpeg
9.3
CVSSv2
CVE-2013-0859
The add_doubles_metadata function in libavcodec/tiff.c in FFmpeg prior to 1.1 allows remote malicious users to have an unspecified impact via a negative or zero count value in a TIFF image, which triggers an out-of-bounds array access.
Ffmpeg Ffmpeg 0.7.7
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 0.7.6
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.10.3
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.8.6
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.7.5
Ffmpeg Ffmpeg 0.5.4.6
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.9.1
Ffmpeg Ffmpeg 0.8.5.4
Ffmpeg Ffmpeg 0.8.5.3
Ffmpeg Ffmpeg 0.5.1
Ffmpeg Ffmpeg 0.8.5
Ffmpeg Ffmpeg 0.9
6.8
CVSSv2
CVE-2017-9990
Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Ffmpeg Ffmpeg
7.1
CVSSv2
CVE-2019-9717
In Libav 12.3, a denial of service in the subtitle decoder allows malicious users to hog the CPU via a crafted video file in Matroska format, because srt_to_ass in libavcodec/srtdec.c has a complex format argument to sscanf.
Libav Libav
6.8
CVSSv2
CVE-2014-2098
libavcodec/wmalosslessdec.c in FFmpeg prior to 2.1.4 uses an incorrect data-structure size for certain coefficients, which allows remote malicious users to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted WMA data.
Ffmpeg Ffmpeg 2.0
Ffmpeg Ffmpeg 2.0.3
Ffmpeg Ffmpeg 2.0.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 2.0.1
Ffmpeg Ffmpeg 2.1.1
Ffmpeg Ffmpeg 2.1
Ffmpeg Ffmpeg 2.1.2
9.3
CVSSv2
CVE-2013-0869
The field_end function in libavcodec/h264.c in FFmpeg prior to 1.1.2 allows remote malicious users to have an unspecified impact via crafted H.264 data, related to an SPS and slice mismatch and an out-of-bounds array access.
Ffmpeg Ffmpeg 0.7.7
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 0.7.6
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.10.3
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.8.6
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.7.5
Ffmpeg Ffmpeg 0.5.4.6
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 1.0
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.9.1
Ffmpeg Ffmpeg 0.8.5.4
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 0.8.5.3
Ffmpeg Ffmpeg 0.5.1
9.3
CVSSv2
CVE-2013-0877
The old_codec37 function in libavcodec/sanm.c in FFmpeg prior to 1.1.3 allows remote malicious users to have an unspecified impact via crafted LucasArts Smush data that has a large size when decoded, related to an out-of-bounds array access.
Ffmpeg Ffmpeg 0.7.7
Ffmpeg Ffmpeg 0.7.1
Ffmpeg Ffmpeg 0.7.6
Ffmpeg Ffmpeg 0.4.5
Ffmpeg Ffmpeg 0.10.3
Ffmpeg Ffmpeg 0.3.2
Ffmpeg Ffmpeg 0.8.6
Ffmpeg Ffmpeg 0.4.7
Ffmpeg Ffmpeg 0.6.1
Ffmpeg Ffmpeg 0.3.3
Ffmpeg Ffmpeg 0.7.5
Ffmpeg Ffmpeg 0.5.4.6
Ffmpeg Ffmpeg 0.3
Ffmpeg Ffmpeg 0.4.2
Ffmpeg Ffmpeg 1.0
Ffmpeg Ffmpeg 1.1.1
Ffmpeg Ffmpeg 0.5
Ffmpeg Ffmpeg 0.5.4
Ffmpeg Ffmpeg 0.9.1
Ffmpeg Ffmpeg 0.8.5.4
Ffmpeg Ffmpeg 0.8.5.3
Ffmpeg Ffmpeg 0.5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »