ffmpeg

489 tracked vulnerabilities.

CVE-2017-11719 HIGH
FFmpeg 3.0-3.3.2 - Out-of-bounds Read in DNxHD Decoder
Jul 28, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-11665 HIGH
FFmpeg 3.3.2 - Denial of Service via Crafted RTMP Stream
Jul 27, 2017
CVSS 7.5
EPSS 0.01
CVE-2017-11399 HIGH
FFmpeg 2.4-3.3.2 - Out-of-bounds Read via Crafted APE File
Jul 17, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-9996 HIGH
FFmpeg 2.8.x-3.3.0 Heap-Based Buffer Overflow in cdxl_decode_frame
Jun 28, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-9995 HIGH
FFmpeg 3.3 - Heap-Based Buffer Overflow in libavcodec/scpr.c
Jun 28, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-9994 HIGH
FFmpeg < 2.8.12, 3.0.x < 3.0.8, 3.1.x < 3.1.8, 3.2.x < 3.2.5, 3.3.x < 3.3.1 - Heap-Based Buffer Overflow in WebP Decoder
Jun 28, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-9993 HIGH
FFmpeg < 2.8.12, 3.0.x-3.1.8, 3.2.x-3.2.5, 3.3.x-3.3.1 - Arbitrary File Read via Crafted HLS Playlist Data
Jun 28, 2017
CVSS 7.5
EPSS 0.56
CVE-2017-9992 HIGH
FFmpeg < 2.8.12, 3.0.x < 3.0.8, 3.1.x < 3.1.8, 3.2.x < 3.2.5, 3.3.x < 3.3.1 - Heap-based Buffer Overflow in decode_dds1
Jun 28, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-9991 HIGH
FFmpeg < 2.8.12, 3.0.x < 3.0.8, 3.1.x < 3.1.8, 3.2.x < 3.2.5, 3.3.x < 3.3.1 - Heap Overflow
Jun 28, 2017
CVSS 7.8
EPSS 0.00
CVE-2017-9990 HIGH
FFmpeg < 3.3 - Stack-based Buffer Overflow in color_string_to_rgba
Jun 28, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-7866 CRITICAL
FFmpeg < 2.8.9 - Out-of-bounds Write via decode_zbuf Function
Apr 14, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-7865 CRITICAL
FFmpeg < 2.8.9 - Out-of-bounds Write via ipvideo_decode_block_opcode_0xA
Apr 14, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-7863 CRITICAL
FFmpeg < 2.8.10 - Out-of-bounds Write in PNG Decoder
Apr 14, 2017
CVSS 9.8
EPSS 0.01
CVE-2017-7862 CRITICAL
FFmpeg < 2.8.10 - Out-of-bounds Write in decode_frame Function
Apr 14, 2017
CVSS 9.8
EPSS 0.02
CVE-2017-7859 CRITICAL
FFmpeg < 3.2.4 - Out-of-bounds Write in H.264 Slice Context Initialization
Apr 14, 2017
CVSS 9.8
EPSS 0.01
CVE-2016-10192 CRITICAL
FFmpeg < 2.8.10, 3.0.x < 3.0.5, 3.1.x < 3.1.6, 3.2.x < 3.2.2 - Remote Code Execution via Chunk Size Mismatch
Feb 09, 2017
CVSS 9.8
EPSS 0.05
CVE-2016-10191 CRITICAL
FFmpeg < 2.8.10, 3.0.x < 3.0.5, 3.1.x < 3.1.6, 3.2.x < 3.2.2 - Remote Code Execution via RTMP Packet Size Mismatch
Feb 09, 2017
CVSS 9.8
EPSS 0.08
CVE-2016-10190 CRITICAL
FFmpeg < 2.8.10, 3.0.x < 3.0.5, 3.1.x < 3.1.6, 3.2.x < 3.2.2 - RCE via Negative Chunk Size
Feb 09, 2017
CVSS 9.8
EPSS 0.10
CVE-2016-6920 HIGH
FFmpeg < 3.1.2 - Heap-Based Buffer Overflow in EXR Decoder
Jan 23, 2017
CVSS 7.5
EPSS 0.02
CVE-2016-6164 CRITICAL
FFmpeg <2.8.8, <3.0.3, <3.1.1 - Buffer Overflow
Jan 23, 2017
CVSS 9.8
EPSS 0.01
CVE-2016-9561 MEDIUM
FFmpeg < 3.2 - Denial of Service via Crafted MOV File
Dec 23, 2016
CVSS 5.5
EPSS 0.00
CVE-2016-8595 MEDIUM
FFmpeg < 3.1.5 - Denial of Service via Crafted AVI File
Dec 23, 2016
CVSS 5.5
EPSS 0.00
CVE-2016-7905 MEDIUM
FFmpeg < 3.1.3 - Denial of Service via Crafted AVI File
Dec 23, 2016
CVSS 5.5
EPSS 0.01
CVE-2016-7785 MEDIUM
FFmpeg < 3.1.3 - Denial of Service via Crafted AVI File
Dec 23, 2016
CVSS 5.5
EPSS 0.00
CVE-2016-7562 MEDIUM
FFmpeg < 3.1.3 - Denial of Service via Crafted AVI File
Dec 23, 2016
CVSS 5.5
EPSS 0.01
Products
ffmpeg 480 FFmpeg 8 MPEG-DASH 1 lavf_demuxer 1 libavcodec 1 libswresample 1
Quick Filters
Critical CVEs With Exploits In CISA KEV