Vulnerabilities > Ffmpeg > Ffmpeg > 4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-19 | CVE-2018-14394 | Divide By Zero vulnerability in Ffmpeg libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file. | 4.3 |
| 2018-06-15 | CVE-2018-12460 | NULL Pointer Dereference vulnerability in Ffmpeg 4.0 libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c. | 4.3 |
| 2018-06-15 | CVE-2018-12459 | Improper Input Validation vulnerability in Ffmpeg 4.0 An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. | 4.3 |
| 2018-06-15 | CVE-2018-12458 | Improper Input Validation vulnerability in multiple products An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. | 4.3 |