Ffmpeg

Ffmpeg

484 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2012-2781

  • EPSS 0.41%
  • Published 09.08.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2773, CVE-2012-2778, and CVE-2012-2780.

7.8

CVE-2017-11719

  • EPSS 0.25%
  • Published 28.07.2017 05:29:00
  • Last modified 20.04.2025 01:37:25

The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.

7.5

CVE-2017-11665

  • EPSS 0.53%
  • Published 27.07.2017 12:29:00
  • Last modified 20.04.2025 01:37:25

The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.

7.8

CVE-2017-11399

  • EPSS 0.09%
  • Published 17.07.2017 19:29:00
  • Last modified 20.04.2025 01:37:25

Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access and application crash) or possibly have unspecified other impact via a craf...

8.8

CVE-2017-9990

  • EPSS 0.97%
  • Published 28.06.2017 06:29:00
  • Last modified 20.04.2025 01:37:25

Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.

7.8

CVE-2017-9991

  • EPSS 0.46%
  • Published 28.06.2017 06:29:00
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (appli...

8.8

CVE-2017-9992

  • EPSS 0.7%
  • Published 28.06.2017 06:29:00
  • Last modified 20.04.2025 01:37:25

Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application c...

7.5

CVE-2017-9993

  • EPSS 56.17%
  • Published 28.06.2017 06:29:00
  • Last modified 20.04.2025 01:37:25

FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files via crafted playlist d...

7.8

CVE-2017-9994

  • EPSS 0.42%
  • Published 28.06.2017 06:29:00
  • Last modified 20.04.2025 01:37:25

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cause a denial of service (heap-based buffer overflow ...

7.8

CVE-2017-9995

  • EPSS 0.38%
  • Published 28.06.2017 06:29:00
  • Last modified 20.04.2025 01:37:25

libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via...