Shodan
Vulnerabilities
Vulnerable Software
Ffmpeg:  >> Ffmpeg  Security Vulnerabilities
CVE-2017-14058
In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allows remote attackers to cause a denial of service (infinite loop).
CVSS Score
6.5
EPSS Score
0.007
Published
2017-08-31
CVE-2017-14059
In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption. When a crafted CINE file, which claims a large "duration" field in the header but does not contain sufficient backing data, is provided, the image-offset parsing loop would consume huge CPU and memory resources, since there is no EOF check inside the loop.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-08-31
CVE-2012-2805
Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-08-28
CVE-2013-0870
The 'vp3_decode_frame' function in FFmpeg 1.1.4 moves threads check out of header packet type check.
CVSS Score
9.8
EPSS Score
0.005
Published
2017-08-28
CVE-2012-2771
Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2773, CVE-2012-2778, CVE-2012-2780, and CVE-2012-2781.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-08-09
CVE-2012-2773
Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2778, CVE-2012-2780, and CVE-2012-2781.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-08-09
CVE-2012-2778
Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2773, CVE-2012-2780, and CVE-2012-2781.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-08-09
CVE-2012-2780
Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2773, CVE-2012-2778, and CVE-2012-2781.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-08-09
CVE-2012-2781
Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-2012-2773, CVE-2012-2778, and CVE-2012-2780.
CVSS Score
9.8
EPSS Score
0.004
Published
2017-08-09
CVE-2017-11719
The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-07-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved