Ffmpeg

Ffmpeg

484 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2012-2781

  • EPSS 0.41%
  • Veröffentlicht 09.08.2017 18:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2773, CVE-2012-2778, and CVE-2012-2780.

7.8

CVE-2017-11719

  • EPSS 0.25%
  • Veröffentlicht 28.07.2017 05:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.

7.5

CVE-2017-11665

  • EPSS 0.53%
  • Veröffentlicht 27.07.2017 12:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.

7.8

CVE-2017-11399

  • EPSS 0.09%
  • Veröffentlicht 17.07.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access and application crash) or possibly have unspecified other impact via a craf...

8.8

CVE-2017-9990

  • EPSS 0.97%
  • Veröffentlicht 28.06.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.

7.8

CVE-2017-9991

  • EPSS 0.46%
  • Veröffentlicht 28.06.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (appli...

8.8

CVE-2017-9992

  • EPSS 0.7%
  • Veröffentlicht 28.06.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application c...

7.5

CVE-2017-9993

  • EPSS 56.17%
  • Veröffentlicht 28.06.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streaming filename extensions and demuxer names, which allows attackers to read arbitrary files via crafted playlist d...

7.8

CVE-2017-9994

  • EPSS 0.42%
  • Veröffentlicht 28.06.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pix_fmt is set, which allows remote attackers to cause a denial of service (heap-based buffer overflow ...

7.8

CVE-2017-9995

  • EPSS 0.38%
  • Veröffentlicht 28.06.2017 06:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

libavcodec/scpr.c in FFmpeg 3.3 before 3.3.1 does not properly validate height and width data, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via...