Vulnerabilities > Ffmpeg > Ffmpeg > 3.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-04-11 | CVE-2018-10001 | Out-of-bounds Read vulnerability in multiple products The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file. | 6.5 |
2018-04-07 | CVE-2018-9841 | Out-of-bounds Read vulnerability in Ffmpeg The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename. | 8.8 |
2018-02-28 | CVE-2018-7557 | Out-of-bounds Read vulnerability in multiple products The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data. | 6.5 |
2018-02-12 | CVE-2018-6912 | Out-of-bounds Read vulnerability in Ffmpeg The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. | 4.3 |
2018-01-29 | CVE-2018-6392 | Out-of-bounds Read vulnerability in multiple products The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file. | 4.3 |
2017-12-27 | CVE-2017-9608 | NULL Pointer Dereference vulnerability in Ffmpeg The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file. | 4.3 |
2017-11-06 | CVE-2017-15672 | Out-of-bounds Read vulnerability in multiple products The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read. | 8.8 |
2017-10-24 | CVE-2017-15186 | Double Free vulnerability in Ffmpeg Double free vulnerability in FFmpeg 3.3.4 and earlier allows remote attackers to cause a denial of service via a crafted AVI file. | 4.3 |
2017-09-27 | CVE-2017-14767 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service (heap buffer overflow) or possibly have unspecified other impact via a crafted sdp file. | 6.8 |
2017-07-28 | CVE-2017-11719 | Out-of-bounds Read vulnerability in Ffmpeg The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file. | 6.8 |