Lucene search
K

127 matches found

AlpineLinux
AlpineLinux
added 2019/04/18 11:52 p.m.37 views

CVE-2019-11338

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service NULL pointer dereference and out-of-array access or possibly have unspecified other impact via crafted HEVC data...

8.8CVSS9.1AI score0.02354EPSS
Exploits0
OSV
OSV
added 2018/08/10 8:25 p.m.9 views

SUSE-SU-2018:2305-1 Security update for ffmpeg

This update for ffmpeg fixes the following issues: Security issues fixed: - CVE-2018-13302: Fixed out of array access issue bsc1100356. - CVE-2018-1999010: Fixed multiple out of array access vulnerabilities in the mms protocol that could result in accessing out of bound data via specially crafted...

9.8CVSS8.3AI score0.04244EPSS
Exploits0References11
Veracode
Veracode
added 2018/07/24 6:14 a.m.35 views

Denial Of Service (DoS)

FFmpeg is vulnerable to denial of service DoS attacks. The library contains multiple out-of-array accesses in the ffmmsasfheaderparser function of mms.c, allowing a malicious user to pass a file to the application to cause out-of-array accesses that can crash the application...

9.8CVSS8.8AI score0.03109EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2018/07/23 3:29 p.m.29 views

CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

6.5CVSS6.5AI score0.01763EPSS
Exploits0References2
Prion
Prion
added 2018/07/23 3:29 p.m.24 views

Design/Logic Flaw

FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been...

7.5CVSS9.6AI score0.03109EPSS
Exploits0References3Affected Software2
UbuntuCve
UbuntuCve
added 2018/07/23 3:29 p.m.32 views

CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

6.5CVSS6.5AI score0.01763EPSS
Exploits0References2
OSV
OSV
added 2018/07/23 3:29 p.m.12 views

CVE-2018-1999014

FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been...

6.5CVSS6.9AI score
Exploits0References2
OSV
OSV
added 2018/07/23 3:29 p.m.27 views

CVE-2018-1999010

FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been...

9.8CVSS7AI score0.03109EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/07/23 3:0 p.m.35 views

CVE-2018-1999010

FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been...

8.2AI score0.03109EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/07/23 3:0 p.m.28 views

CVE-2018-1999015

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to...

6.5AI score0.01763EPSS
Exploits0References2
CVE
CVE
added 2018/07/23 3:0 p.m.109 views

CVE-2018-1999010

CVE-2018-1999010 affects FFmpeg prior to commit cced03dd667a5df6df8fd40d8de0bff477ee02e8, which contains multiple out-of-array access vulnerabilities in the MMS protocol. The flaws can allow an attacker to read out-of-bounds data and appear exploitable via network connectivity. The issue is expli...

9.8CVSS8AI score0.03109EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/07/23 3:0 p.m.25 views

CVE-2018-1999014

FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been...

6.5AI score0.01461EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2018/07/23 3:0 p.m.51 views

CVE-2018-1999010

FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been...

9.8CVSS8.4AI score0.03109EPSS
Exploits0
Veracode
Veracode
added 2018/07/17 3:11 a.m.29 views

Denial Of Service (DoS)

ffmpeg is vulnerable to denial of service DoS attacks. The library does not properly handle frame types that contain multiple independent substreams in them, allowing a malicious user to pass an AVI file to be converted to an MP4 file that can cause an out-of-array access that can crash the...

8.8CVSS8.2AI score0.0221EPSS
Exploits0References4Affected Software3
UbuntuCve
UbuntuCve
added 2018/07/05 5:29 p.m.41 views

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

8.1CVSS6.7AI score0.02301EPSS
Exploits0References1
Prion
Prion
added 2018/07/05 5:29 p.m.22 views

Information disclosure

In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1putblocksclamped function in libavcodec/vc1block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service...

5.8CVSS7.6AI score0.01411EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2018/07/05 5:29 p.m.26 views

CVE-2018-13302

In FFmpeg 4.0.1, improper handling of frame types other than EAC3FRAMETYPEINDEPENDENT that have multiple independent substreams in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or...

8.8CVSS6.8AI score0.0221EPSS
Exploits0References1
NVD
NVD
added 2018/07/05 5:29 p.m.20 views

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

8.1CVSS7.4AI score0.02301EPSS
Exploits0References4
Prion
Prion
added 2018/07/05 5:29 p.m.27 views

Information disclosure

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

5.8CVSS7.5AI score0.02301EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2018/07/05 5:29 p.m.29 views

CVE-2018-13300

In FFmpeg 3.2 and 4.0.1, an improper argument AVCodecParameters passed to the avprivrequestsample function in the handleeac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information...

8.1CVSS6.4AI score
Exploits0References4
Rows per page
Query Builder