Vulnerabilities > Ffmpeg > Ffmpeg > 0.4.9.pre1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-14 | CVE-2014-4610 | Integer Overflow or Wraparound vulnerability in Ffmpeg Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.4 allows remote attackers to execute arbitrary code via a crafted Literal Run. | 6.8 |
| 2019-10-14 | CVE-2019-17542 | Improper Validation of Array Index vulnerability in multiple products FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. | 7.5 |
| 2019-10-14 | CVE-2019-17539 | NULL Pointer Dereference vulnerability in multiple products In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer. | 7.5 |
| 2019-09-05 | CVE-2019-15942 | Unchecked Return Value vulnerability in Ffmpeg FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer. | 8.8 |
| 2019-06-04 | CVE-2019-12730 | Use of Uninitialized Resource vulnerability in Ffmpeg aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables. | 7.5 |
| 2018-08-23 | CVE-2018-15822 | Reachable Assertion vulnerability in multiple products The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure. | 7.5 |
| 2018-07-23 | CVE-2018-1999015 | Out-of-bounds Read vulnerability in Ffmpeg FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. | 4.3 |
| 2018-07-23 | CVE-2018-1999014 | Out-of-bounds Read vulnerability in Ffmpeg FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. | 4.3 |
| 2018-07-23 | CVE-2018-1999013 | Use After Free vulnerability in Ffmpeg FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in vulnerability allows attacker to read heap memory. | 4.3 |
| 2018-07-23 | CVE-2018-1999012 | Infinite Loop vulnerability in Ffmpeg FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM. | 7.1 |