Vulnerabilities > Ffmpeg > Ffmpeg > 2.8.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-19 | CVE-2018-14394 | Divide By Zero vulnerability in Ffmpeg libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file. | 4.3 |
| 2018-04-24 | CVE-2018-7751 | Infinite Loop vulnerability in Ffmpeg The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file. | 4.3 |
| 2018-04-11 | CVE-2018-10001 | Out-of-bounds Read vulnerability in multiple products The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file. | 6.5 |
| 2018-04-07 | CVE-2018-9841 | Out-of-bounds Read vulnerability in Ffmpeg The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename. | 8.8 |
| 2018-02-28 | CVE-2018-7557 | Out-of-bounds Read vulnerability in multiple products The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data. | 6.5 |
| 2018-02-12 | CVE-2018-6912 | Out-of-bounds Read vulnerability in Ffmpeg The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. | 4.3 |
| 2018-02-05 | CVE-2018-6621 | Out-of-bounds Read vulnerability in multiple products The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. | 4.3 |
| 2018-01-29 | CVE-2018-6392 | Out-of-bounds Read vulnerability in multiple products The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file. | 4.3 |
| 2017-12-27 | CVE-2017-9608 | NULL Pointer Dereference vulnerability in Ffmpeg The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file. | 4.3 |
| 2017-11-06 | CVE-2017-15672 | Out-of-bounds Read vulnerability in multiple products The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read. | 8.8 |