Vulnerabilities > Ffmpeg
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-28 | CVE-2017-9992 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | 6.8 |
| 2017-06-28 | CVE-2017-9991 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | 6.8 |
| 2017-06-28 | CVE-2017-9990 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg Stack-based buffer overflow in the color_string_to_rgba function in libavcodec/xpmdec.c in FFmpeg 3.3 before 3.3.1 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. | 6.8 |
| 2017-04-14 | CVE-2017-7866 | Out-of-bounds Write vulnerability in Ffmpeg FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c. | 7.5 |
| 2017-04-14 | CVE-2017-7865 | Out-of-bounds Write vulnerability in multiple products FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c. | 7.5 |
| 2017-04-14 | CVE-2017-7863 | Out-of-bounds Write vulnerability in multiple products FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c. | 7.5 |
| 2017-04-14 | CVE-2017-7862 | Out-of-bounds Write vulnerability in Ffmpeg FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c. | 7.5 |
| 2017-04-14 | CVE-2017-7859 | Out-of-bounds Write vulnerability in Ffmpeg FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c. | 7.5 |
| 2017-03-20 | CVE-2012-5361 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file. | 6.8 |
| 2017-02-09 | CVE-2016-10192 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size. | 7.5 |