CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1143 matches found

UbuntuCve•added 2019/10/14 2:15 a.m.•27 views

CVE-2019-17539

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

9.8CVSS6.8AI score0.00664EPSS

Exploits0References3

OSV•added 2019/10/14 2:15 a.m.•0 views

UBUNTU-CVE-2019-17539

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

9.8CVSS6.7AI score0.00664EPSS

Exploits0References4

Cvelist•added 2019/10/14 1:9 a.m.•21 views

CVE-2019-17539

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

9.5AI score0.00664EPSS

Exploits0References6

CVE•added 2019/10/14 1:9 a.m.•290 views

CVE-2019-17539

CVE-2019-17539 affects FFmpeg prior to 4.2, where avcodec_open2 in libavcodec/utils.c dereferences a NULL close function pointer, leading to a NULL pointer dereference and possibly unspecified other impact. Affected software is FFmpeg’s libavcodec component; root cause is a NULL pointer dereferen...

9.8CVSS9.3AI score0.00664EPSS

Exploits0References6Affected Software1

Debian CVE•added 2019/10/14 1:9 a.m.•28 views

CVE-2019-17539

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

9.8CVSS9AI score0.00664EPSS

Exploits0

Debian CVE•added 2019/10/14 1:9 a.m.•26 views

CVE-2019-17542

FFmpeg before 4.2 has a heap-based buffer overflow in vqadecodechunk because of an out-of-array access in vqadecodeinit in libavcodec/vqavideo.c...

9.8CVSS9.3AI score0.0081EPSS

Exploits0

CNVD•added 2019/10/14 12:0 a.m.•1 views

FFmpeg Null Pointer Dereference Vulnerability

FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. A null pointer dereference vulnerability exists in avcodecopen2 in libavcodec/utils.c in versions of FFmpeg prior to 4.2, which can be exploited b...

9.8CVSS9.2AI score0.00664EPSS

Exploits0References1

UbuntuCve•added 2019/09/19 9:15 p.m.•27 views

CVE-2019-9719

A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a...

8.8CVSS7.5AI score0.00516EPSS

Exploits1References5

Prion•added 2019/09/19 9:15 p.m.•12 views

Format string

In Libav 12.3, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c has a complex format argument to sscanf...

7.1CVSS6.2AI score0.00258EPSS

Exploits1References2Affected Software1

CVE•added 2019/09/19 8:37 p.m.•133 views

CVE-2019-9720

CVE-2019-9720 affects Libav 12.3: a stack-based buffer overflow in the subtitle decoder due to incorrect use of snprintf in libavcodec/srtdec.c (srt_to_ass). Exploitation via a crafted Matroska video file can corrupt the stack. No explicit remediation details are given in the provided documents; ...

7.1CVSS6.5AI score0.00295EPSS

Exploits1References2Affected Software1

CVE•added 2019/09/19 8:32 p.m.•147 views

CVE-2019-9719

Libav 12.3 contains a stack-based buffer overflow in the subtitle decoder (srt_to_ass in libavcodec/srtdec.c) triggered by crafted Matroska video files; the issue stems from misusing snprintf. Multiple sources (Red Hat, SUSE, Ubuntu, OSV, and others) describe a vulnerability with claims of disput...

8.8CVSS8.7AI score0.00516EPSS

Exploits1References4Affected Software1

CVE•added 2019/09/19 8:28 p.m.•137 views

CVE-2019-9717

CVE-2019-9717 affects Libav 12.3, specifically the subtitle decoder in libavcodec/srtdec.c (function srt_to_ass). A crafted Matroska video file can cause a denial of service by hogging CPU, due to a complex format argument to sscanf in srt_to_ass. The available documents provide the vulnerability...

7.1CVSS6.2AI score0.00258EPSS

Exploits1References2Affected Software1

UbuntuCve•added 2019/09/05 4:15 p.m.•27 views

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

8.8CVSS7.2AI score0.00474EPSS

Exploits1References3

CNVD•added 2019/07/31 12:0 a.m.•1 views

Libav Number Error Vulnerability

Libav is Libav team's set of cross-platform audio and video can be recorded, converted solution, which includes a libavcodec encoder. A numeric error vulnerability exists in Libav. The vulnerability stems from a networked system or product that does not properly calculate or convert the resulting...

6.5CVSS6.7AI score0.00505EPSS

Exploits1References1

OSV•added 2019/07/30 1:15 p.m.•0 views

UBUNTU-CVE-2019-14443

An issue was discovered in Libav 12.3. Division by zero in rangedecodeculshift in libavcodec/apedec.c allows remote attackers to cause a denial of service application crash, as demonstrated by avconv...

6.5CVSS6.6AI score0.00505EPSS

Exploits1References3

Veracode•added 2019/07/08 3:27 a.m.•28 views

Buffer Over-read

FFmpeg is vulnerable to buffer over-read. The attack is possible because it does not support some of the pixel formats in the function blockcmp of ffmpeg/libavcodec/zmbvenc.c, causing a heap buffer overflow...

8.8CVSS9.1AI score0.00549EPSS

Exploits0References5Affected Software1