CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1999014
https://notcve.org/view.php?id=CVE-2018-1999014
23 Jul 2018 — FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later. FFmpeg antes del commit con ID bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contiene una vulnerabilidad de acceso fuera de array en el demuxer de formato MXF ... • http://www.securityfocus.com/bid/104896 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1999015
https://notcve.org/view.php?id=CVE-2018-1999015
23 Jul 2018 — FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later. FFmpeg antes del commit con ID 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contiene una vulnerabilidad de lectura fuera de array en el demuxer de... • http://www.securityfocus.com/bid/104896 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-14394
https://notcve.org/view.php?id=CVE-2018-14394
19 Jul 2018 — libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file. libavformat/movenc.c en FFmpeg en versiones anteriores a la 4.0.2 permite que los atacantes provoquen una denegación de servicio (cierre inesperado de la aplicación provocado por un error de división entre cero) con un archivo de audio Waveform manipulado por el usuario. • https://github.com/FFmpeg/FFmpeg/commit/3a2d21bc5f97aa0161db3ae731fc2732be6108b8 • CWE-369: Divide By Zero •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2018-12458 – Debian Security Advisory 4249-1
https://notcve.org/view.php?id=CVE-2018-12458
15 Jun 2018 — An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. Un tipo de entero incorrecto en la función mpeg4_encode_gop_header en libavcodec/mpeg4videoenc.c en FFmpeg 2.8 y 4.0 podría desencadenar una violación de aserción al convertir un archivo AVI manipulado a MPEG4, lo que conduce a una denegación de servicio Several vulnerabilities hav... • https://github.com/FFmpeg/FFmpeg/commit/6bbef938839adc55e8e048bc9cc2e0fafe2064df • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-7751 – Gentoo Linux Security Advisory 202003-65
https://notcve.org/view.php?id=CVE-2018-7751
24 Apr 2018 — The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file. La función svg_probe en libavformat/img2dec.c en FFmpeg 3.4.2 permite que atacantes remotos provoquen una denegación de servicio (bucle infinito) mediante un archivo XML manipulado. Multiple vulnerabilities have been found in FFmpeg, the worst of which allows remote attackers to execute arbitrary code. Versions greater than or equal to 4 are aff... • http://www.securityfocus.com/bid/103956 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 0CVE-2018-10001 – Gentoo Linux Security Advisory 202003-65
https://notcve.org/view.php?id=CVE-2018-10001
11 Apr 2018 — The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file. La función decode_init en libavcodec/utvideodec.c en FFmpeg hasta la versión 3.4.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de array) utilizando un archivo AVI. Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=47b7c68ae54560e2308bdb6be4fb076c73b93081 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-9841 – Gentoo Linux Security Advisory 202003-65
https://notcve.org/view.php?id=CVE-2018-9841
07 Apr 2018 — The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename. La función export en libavfilter/vf_signature.c en FFmpeg, hasta la versión 3.4.2, permite que atacantes remotos provoquen una denegación de servicio (acceso fuera de límites) o, probablemente, provocar cualquier otro tipo de impacto mediante un nombre de archivo largo. Multiple vulnerabilities have... • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=35eeff30caf34df835206f1c12bcf4b7c2bd6758 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2018-7557 – Gentoo Linux Security Advisory 202003-65
https://notcve.org/view.php?id=CVE-2018-7557
28 Feb 2018 — The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data. La función decode_init en libavcodec/utvideodec.c en FFmpeg versión 2.8 hasta la versión 3.4.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de array) utilizando un archivo AVI manipulado con dimensiones manipuladas en datos de submuestreo de crominancia S... • https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/7414d0bda7763f9bd69c26c068e482ab297c1c96 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6912 – Gentoo Linux Security Advisory 202003-65
https://notcve.org/view.php?id=CVE-2018-6912
12 Feb 2018 — The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. La función decode_plane en libavcodec/utvideodec.c en FFmpeg hasta la versión 3.4.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de array) utilizando un archivo AVI manipulado. Multiple vulnerabilities have been found in FFmpeg, the worst of which allows remote attackers to execute arbitrary code. Version... • https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2018-6621 – Debian Security Advisory 4249-1
https://notcve.org/view.php?id=CVE-2018-6621
05 Feb 2018 — The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. La función decode_frame en libavcodec/utvideodec.c en FFmpeg hasta la versión 3.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de array) utilizando un archivo AVI manipulado Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentiall... • http://www.securityfocus.com/bid/102950 • CWE-125: Out-of-bounds Read •