CVE-2016-10192
- EPSS 6.18%
- Veröffentlicht 09.02.2017 15:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.
CVE-2016-6920
- EPSS 2.77%
- Veröffentlicht 23.01.2017 21:59:02
- Zuletzt bearbeitet 13.05.2026 00:24:29
Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service (application crash) via vectors involving tile positions.
CVE-2016-6164
- EPSS 1.77%
- Veröffentlicht 23.01.2017 21:59:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size.
CVE-2016-6671
- EPSS 1.7%
- Veröffentlicht 23.12.2016 05:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted SWF file.
CVE-2016-6881
- EPSS 0.89%
- Veröffentlicht 23.12.2016 05:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file.
CVE-2016-7122
- EPSS 0.85%
- Veröffentlicht 23.12.2016 05:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that has a crafted 'nctg' structure.
CVE-2016-7450
- EPSS 1.16%
- Veröffentlicht 23.12.2016 05:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a malformed AIFF file.
CVE-2016-7502
- EPSS 1.38%
- Veröffentlicht 23.12.2016 05:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavs_decode.
CVE-2016-7555
- EPSS 1.38%
- Veröffentlicht 23.12.2016 05:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has a crafted "strh" structure.
CVE-2016-7562
- EPSS 1.75%
- Veröffentlicht 23.12.2016 05:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer overflow) via a crafted AVI file.