CVE-2012-5359
- EPSS 3.33%
- Veröffentlicht 08.02.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 01:44:35
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.
CVE-2012-5360
- EPSS 3.33%
- Veröffentlicht 08.02.2018 23:29:00
- Zuletzt bearbeitet 21.11.2024 01:44:35
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file.
CVE-2018-6621
- EPSS 2.18%
- Veröffentlicht 05.02.2018 04:29:00
- Zuletzt bearbeitet 21.11.2024 04:11:00
The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
CVE-2018-6392
- EPSS 1.63%
- Veröffentlicht 29.01.2018 19:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:37
The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file.
CVE-2015-1208
- EPSS 1.49%
- Veröffentlicht 09.01.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 02:24:53
Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.
CVE-2017-1000460
- EPSS 0.49%
- Veröffentlicht 03.01.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:04:46
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exceptio...
CVE-2017-9608
- EPSS 4.54%
- Veröffentlicht 27.12.2017 19:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file.
CVE-2017-17555
- EPSS 1.06%
- Veröffentlicht 12.12.2017 01:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash)...
CVE-2017-17081
- EPSS 1.83%
- Veröffentlicht 30.11.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedness error and out-of-array read) via a crafted MPEG ...
CVE-2017-16840
- EPSS 3.33%
- Veröffentlicht 21.11.2017 08:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c.