Vulnerabilities > Ffmpeg > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-09 | CVE-2012-2778 | Unspecified vulnerability in Ffmpeg Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2773, CVE-2012-2780, and CVE-2012-2781. | 9.8 |
| 2017-08-09 | CVE-2012-2773 | Unspecified vulnerability in Ffmpeg Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2778, CVE-2012-2780, and CVE-2012-2781. | 9.8 |
| 2017-08-09 | CVE-2012-2771 | Unspecified vulnerability in Ffmpeg Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2773, CVE-2012-2778, CVE-2012-2780, and CVE-2012-2781. | 9.8 |
| 2017-01-23 | CVE-2016-6164 | Integer Overflow or Wraparound vulnerability in Ffmpeg Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size. | 9.8 |
| 2013-11-23 | CVE-2013-4265 | Memory Corruption vulnerability in FFmpeg The av_reallocp_array function in libavutil/mem.c in FFmpeg before 2.0.1 has an unspecified impact and remote vectors related to a "wrong return code" and a resultant NULL pointer dereference. | 10.0 |
| 2011-09-29 | CVE-2011-3504 | Code Injection vulnerability in Ffmpeg The Matroska format decoder in FFmpeg before 0.8.3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. | 9.3 |
| 2011-05-20 | CVE-2011-2162 | Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers." | 10.0 |
| 2011-05-20 | CVE-2011-2160 | Improper Input Validation vulnerability in multiple products The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-0723. | 9.3 |
| 2010-02-10 | CVE-2009-4637 | Buffer Errors vulnerability in Ffmpeg 0.5 FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow. | 10.0 |
| 2010-02-10 | CVE-2009-4635 | Code Injection vulnerability in Ffmpeg 0.5 FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, leading to processing of a video-structure pointer by the mp3 decoder, and a stack-based buffer overflow. | 9.3 |