Vulnerabilities > Ffmpeg > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-31 CVE-2017-14055 Excessive Iteration vulnerability in Ffmpeg 3.3.3
In libavformat/mvdec.c in FFmpeg 3.3.3, a DoS in mv_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption.
network
ffmpeg CWE-834
7.1
7.1
2017-08-31 CVE-2017-14054 Excessive Iteration vulnerability in Ffmpeg 3.3.3
In libavformat/rmdec.c in FFmpeg 3.3.3, a DoS in ivr_read_header() due to lack of an EOF (End of File) check might cause huge CPU consumption.
network
ffmpeg CWE-834
7.1
7.1
2017-08-28 CVE-2012-2805 Improper Resource Shutdown or Release vulnerability in Ffmpeg 0.10
Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service.
network
low complexity
ffmpeg CWE-404
7.5
7.5
2017-04-14 CVE-2017-7866 Out-of-bounds Write vulnerability in Ffmpeg
FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.
network
low complexity
ffmpeg CWE-787
7.5
7.5
2017-04-14 CVE-2017-7865 Out-of-bounds Write vulnerability in multiple products
FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.
network
low complexity
ffmpeg debian CWE-787
7.5
7.5
2017-04-14 CVE-2017-7863 Out-of-bounds Write vulnerability in multiple products
FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c.
network
low complexity
ffmpeg debian CWE-787
7.5
7.5
2017-04-14 CVE-2017-7862 Out-of-bounds Write vulnerability in Ffmpeg
FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c.
network
low complexity
ffmpeg CWE-787
7.5
7.5
2017-04-14 CVE-2017-7859 Out-of-bounds Write vulnerability in Ffmpeg
FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.
network
low complexity
ffmpeg CWE-787
7.5
7.5
2017-02-09 CVE-2016-10192 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg
Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check chunk size.
network
low complexity
ffmpeg CWE-119
7.5
7.5
2017-02-09 CVE-2016-10191 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg
Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows remote attackers to execute arbitrary code by leveraging failure to check for RTMP packet size mismatches.
network
low complexity
ffmpeg CWE-119
7.5
7.5