Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-7865
FFmpeg prior to 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2017-7866
FFmpeg prior to 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.
Ffmpeg Ffmpeg
9.8
CVSSv3
CVE-2016-10192
Heap-based buffer overflow in ffserver.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote malicious users to execute arbitrary code by leveraging failure to check chunk size.
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.1.2
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.1
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.0.4
9.8
CVSSv3
CVE-2016-10190
Heap-based buffer overflow in libavformat/http.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote web servers to execute arbitrary code via a negative chunk size in an HTTP response.
Ffmpeg Ffmpeg 3.1
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.1.2
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.0.4
9.8
CVSSv3
CVE-2016-10191
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg prior to 2.8.10, 3.0.x prior to 3.0.5, 3.1.x prior to 3.1.6, and 3.2.x prior to 3.2.2 allows remote malicious users to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.0.4
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0
1 Github repository
9.8
CVSSv3
CVE-2016-6164
Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg prior to 2.8.8, 3.0.x prior to 3.0.3 and 3.1.x prior to 3.1.1 allows remote malicious users to have unspecified impact via vectors involving sample size.
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.1
8.8
CVSSv3
CVE-2023-48909
An issue exists in Jave2 version 3.3.1, allows malicious users to execute arbitrary code via the FFmpeg function.
Aarboard Jave2 3.3.1
8.8
CVSSv3
CVE-2023-49096
Jellyfin is a Free Software Media System for managing and streaming media. In affected versions there is an argument injection in the VideosController, specifically the `/Videos/<itemId>/stream` and `/Videos/<itemId>/stream.<container>` endpoints which are prese...
Jellyfin Jellyfin
8.8
CVSSv3
CVE-2022-4907
Uninitialized Use in FFmpeg in Google Chrome before 108.0.5359.71 allowed a remote malicious user to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Debian Debian Linux 12.0
8.8
CVSSv3
CVE-2021-38092
Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows malicious users to cause a Denial of Service or other unspecified impacts.
Ffmpeg Ffmpeg 4.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »