CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6912 – Gentoo Linux Security Advisory 202003-65
https://notcve.org/view.php?id=CVE-2018-6912
12 Feb 2018 — The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. La función decode_plane en libavcodec/utvideodec.c en FFmpeg hasta la versión 3.4.2 permite a atacantes remotos causar una denegación de servicio (lectura fuera de array) utilizando un archivo AVI manipulado. Multiple vulnerabilities have been found in FFmpeg, the worst of which allows remote attackers to execute arbitrary code. Version... • https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/76cc0f0f673353cd4746cd3b83838ae335e5d9ed • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6392 – Debian Security Advisory 4249-1
https://notcve.org/view.php?id=CVE-2018-6392
29 Jan 2018 — The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file. La función filter_slice en libavfilter/vf_transpose.c en FFmpeg hasta la versión 3.4.1 permite a atacantes remotos causar una denegación de servicio (acceso fuera de array) utilizando un archivo MP4 manipulado. Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service o... • http://www.securityfocus.com/bid/102848 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-17555
https://notcve.org/view.php?id=CVE-2017-17555
12 Dec 2017 — The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio file. La función swri_audio_convert en audioconvert.c en FFmpeg libswresample hasta 3.0.101, tal y como se emplea en FFmpeg 3.4.1, aubio 0.4.6 y otros productos, permite que atacantes remotos provoquen una denegación de servicio (desreferenc... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 5%CPEs: 5EXPL: 0CVE-2005-4048
https://notcve.org/view.php?id=CVE-2005-4048
07 Dec 2005 — Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes. • http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •