Shodan
Vulnerabilities
Vulnerable Software
Ffmpeg:  >> Ffmpeg  Security Vulnerabilities
CVE-2024-36613
FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in a denial-of-service (DoS) condition or other undefined behavior.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-01-03
CVE-2023-6603
A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization.
CVSS Score
7.5
EPSS Score
0.004
Published
2024-12-31
CVE-2023-6602
A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists.
CVSS Score
5.3
EPSS Score
0.004
Published
2024-12-31
CVE-2024-35368
FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-11-29
CVE-2024-35366
FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking.
CVSS Score
9.1
EPSS Score
0.002
Published
2024-11-29
CVE-2024-35367
FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer
CVSS Score
9.1
EPSS Score
0.001
Published
2024-11-29
CVE-2024-36615
FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread.
CVSS Score
5.9
EPSS Score
0.001
Published
2024-11-29
CVE-2024-36616
An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.
CVSS Score
6.5
EPSS Score
0.001
Published
2024-11-29
CVE-2024-36617
FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-11-29
CVE-2024-36618
FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.
CVSS Score
6.2
EPSS Score
0.0
Published
2024-11-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved