Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg ffmpeg 3.3 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2017-9995
libavcodec/scpr.c in FFmpeg 3.3 prior to 3.3.1 does not properly validate height and width data, which allows remote malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Ffmpeg Ffmpeg 3.3
7.8
CVSSv3
CVE-2017-9991
Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) ...
Ffmpeg Ffmpeg 3.2.4
Ffmpeg Ffmpeg 3.1.6
Ffmpeg Ffmpeg 3.1.7
Ffmpeg Ffmpeg 3.0.5
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.2.1
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.0.4
Ffmpeg Ffmpeg 3.3
Ffmpeg Ffmpeg 3.2.3
Ffmpeg Ffmpeg 3.0.6
Ffmpeg Ffmpeg
Ffmpeg Ffmpeg 3.1.1
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.2.2
Ffmpeg Ffmpeg 3.0.7
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.1
7.8
CVSSv3
CVE-2017-9996
The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 does not exclude the CHUNKY format, which allows remote malicious users to cause a denial of service (he...
Ffmpeg Ffmpeg 2.8.3
Ffmpeg Ffmpeg 2.8.4
Ffmpeg Ffmpeg 2.8.5
Ffmpeg Ffmpeg 2.8.6
Ffmpeg Ffmpeg 3.1.3
Ffmpeg Ffmpeg 3.1.4
Ffmpeg Ffmpeg 3.1.5
Ffmpeg Ffmpeg 3.2
Ffmpeg Ffmpeg 3.1.6
Ffmpeg Ffmpeg 3.1.7
Ffmpeg Ffmpeg 3.0.5
Ffmpeg Ffmpeg 3.0.6
Ffmpeg Ffmpeg 3.0
Ffmpeg Ffmpeg 3.0.1
Ffmpeg Ffmpeg 3.0.2
Ffmpeg Ffmpeg 3.0.3
Ffmpeg Ffmpeg 3.2.2
Ffmpeg Ffmpeg 3.2.4
Ffmpeg Ffmpeg 3.0.7
Ffmpeg Ffmpeg 2.8.1
Ffmpeg Ffmpeg 2.8.8
Ffmpeg Ffmpeg 2.8.11
8.8
CVSSv3
CVE-2017-9990
Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.
Ffmpeg Ffmpeg
6.5
CVSSv3
CVE-2017-9608
The dnxhd decoder in FFmpeg prior to 3.2.6, and 3.3.x prior to 3.3.3 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted mov file.
Ffmpeg Ffmpeg
8.8
CVSSv3
CVE-2017-9992
Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 allows remote malicious users to cause a denial of service (application crash) or possi...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
7.8
CVSSv3
CVE-2017-9994
libavcodec/webp.c in FFmpeg prior to 2.8.12, 3.0.x prior to 3.0.8, 3.1.x prior to 3.1.8, 3.2.x prior to 3.2.5, and 3.3.x prior to 3.3.1 does not ensure that pix_fmt is set, which allows remote malicious users to cause a denial of service (heap-based buffer overflow and applicatio...
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-9993
FFmpeg prior to 2.8.12, 3.0.x and 3.1.x prior to 3.1.9, 3.2.x prior to 3.2.6, and 3.3.x prior to 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows malicious users to read arbitrary files via crafted playlist data.
Ffmpeg Ffmpeg
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started