Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg ffmpeg vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-11339
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 prior to 4.0.4 and 4.1 prior to 4.1.2 allows remote malicious users to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video data.
Ffmpeg Ffmpeg
8.8
CVSSv3
CVE-2019-11338
libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote malicious users to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.
Ffmpeg Ffmpeg 3.4
Ffmpeg Ffmpeg 4.1.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Novell Suse Package Hub For Suse Linux Enterprise 12
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
8.8
CVSSv3
CVE-2018-1999011
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file th...
Ffmpeg Ffmpeg
8.8
CVSSv3
CVE-2018-14521
An issue exists in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.
Aubio Aubio 0.4.6
8.8
CVSSv3
CVE-2018-14522
An issue exists in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.
Aubio Aubio 0.4.6
Suse Linux Enterprise 15.0
Opensuse Leap 42.3
Opensuse Leap 15.0
8.8
CVSSv3
CVE-2018-14523
An issue exists in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.
Aubio Aubio 0.4.6
Opensuse Leap 15.0
Suse Linux Enterprise 15.0
Opensuse Leap 42.3
8.8
CVSSv3
CVE-2018-13302
In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a d...
Ffmpeg Ffmpeg 4.0.1
Debian Debian Linux 9.0
8.8
CVSSv3
CVE-2018-9841
The export function in libavfilter/vf_signature.c in FFmpeg up to and including 3.4.2 allows remote malicious users to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.
Ffmpeg Ffmpeg
8.8
CVSSv3
CVE-2012-5360
Libavcodec in FFmpeg prior to 0.11 allows remote malicious users to execute arbitrary code via a crafted QT file.
Ffmpeg Ffmpeg
8.8
CVSSv3
CVE-2012-5359
Libavcodec in FFmpeg prior to 0.11 allows remote malicious users to execute arbitrary code via a crafted ASF file.
Ffmpeg Ffmpeg
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »