Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg libavcodec vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2012-5360
Libavcodec in FFmpeg prior to 0.11 allows remote malicious users to execute arbitrary code via a crafted QT file.
Ffmpeg Ffmpeg
6.5
CVSSv3
CVE-2018-6621
The decode_frame function in libavcodec/utvideodec.c in FFmpeg up to and including 3.2 allows remote malicious users to cause a denial of service (out of array read) via a crafted AVI file.
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.5
CVSSv3
CVE-2017-1000460
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
Libav Libav 13 Dev0
Ffmpeg Ffmpeg 3.4
Google Chrome
6.5
CVSSv3
CVE-2017-17081
The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote malicious users to cause a denial of service (integer signedness error and out-of-array read) via a crafted MPEG file.
Ffmpeg Ffmpeg 3.4
9.8
CVSSv3
CVE-2017-16840
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote malicious users to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c.
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.4
Debian Debian Linux 9.0
1 Github repository
8.8
CVSSv3
CVE-2017-15672
The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote malicious users to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read.
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2017-14795
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with hls_pcm_sample in...
Libbpg Project Libbpg 0.9.7
8.8
CVSSv3
CVE-2017-14796
The hevc_write_frame function in libbpg.c in libbpg 0.9.7 allows remote malicious users to cause a denial of service (integer underflow and application crash) or possibly have unspecified other impact via a crafted BPG file, related to improper interaction with copy_CTB_to_hv in ...
Libbpg Project Libbpg 0.9.7
8.8
CVSSv3
CVE-2017-14225
The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodec_string function in libavcodec/utils.c, leading to a NULL pointer dere...
Ffmpeg Ffmpeg 3.3.3
7.8
CVSSv3
CVE-2017-11719
The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 up to and including 3.3.2 allows remote malicious users to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.
Ffmpeg Ffmpeg
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-38627
CVE-2022-45803
CVE-2024-38319
camera
template injection
CVE-2024-27801
CVE-2024-0762
CVE-2024-5791
unauthorized
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »