Shodan
Vulnerabilities
Vulnerable Software
Ffmpeg:  >> Ffmpeg  Security Vulnerabilities
CVE-2018-9841
The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-04-07
CVE-2018-7557
The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.
CVSS Score
6.5
EPSS Score
0.011
Published
2018-02-28
CVE-2018-6912
The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
CVSS Score
6.5
EPSS Score
0.007
Published
2018-02-12
CVE-2012-5359
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.
CVSS Score
8.8
EPSS Score
0.008
Published
2018-02-08
CVE-2012-5360
Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file.
CVSS Score
8.8
EPSS Score
0.008
Published
2018-02-08
CVE-2018-6621
The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file.
CVSS Score
6.5
EPSS Score
0.007
Published
2018-02-05
CVE-2018-6392
The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file.
CVSS Score
6.5
EPSS Score
0.006
Published
2018-01-29
CVE-2015-1208
Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.
CVSS Score
5.5
EPSS Score
0.003
Published
2018-01-09
CVE-2017-1000460
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-01-03
CVE-2017-9608
The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted mov file.
CVSS Score
6.5
EPSS Score
0.089
Published
2017-12-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved