CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58 matches found

Prion•added 2019/03/12 9:29 a.m.•23 views

Format string

In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ffhtmlmarkuptoass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

4.3CVSS6.2AI score0.01565EPSS

Exploits0References6Affected Software3

NVD•added 2019/03/12 9:29 a.m.•30 views

CVE-2019-9721

A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handleopenbrace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...

6.5CVSS6.4AI score0.01423EPSS

Exploits0References4

NVD•added 2019/03/12 9:29 a.m.•23 views

CVE-2019-9718

6.5CVSS7AI score0.01565EPSS

Exploits0References6

OSV•added 2019/03/12 9:29 a.m.•24 views

CVE-2019-9721

6.5CVSS6.4AI score

Exploits0References4

OSV•added 2019/03/12 9:29 a.m.•1 views

DEBIAN-CVE-2019-9718

6.5CVSS6.7AI score0.01565EPSS

Exploits0References1

Cvelist•added 2019/03/12 6:0 a.m.•33 views

CVE-2019-9718

6.9AI score0.01565EPSS

Exploits0References6

AlpineLinux•added 2019/03/12 6:0 a.m.•52 views

CVE-2019-9721

6.5CVSS7.1AI score0.01423EPSS

Exploits0

CVE•added 2019/03/12 6:0 a.m.•174 views

CVE-2019-9721

FFmpeg 3.2 and 4.1 are affected by CVE-2019-9721, a denial-of-service in the subtitle decoder caused by a complex sscanf format in libavcodec/htmlsubtitles.c (handle_open_brace). Public OSV entries summarize fixes in FFmpeg 4.2 and related components for multiple CVEs (e.g., CVE-2020-21688, -2169...

6.5CVSS6.8AI score0.01423EPSS

Exploits0References4Affected Software1

Debian CVE•added 2019/03/12 6:0 a.m.•21 views

CVE-2019-9721

6.5CVSS6AI score0.01423EPSS

Exploits0

Debian CVE•added 2019/03/12 6:0 a.m.•30 views

CVE-2019-9718

6.5CVSS6AI score0.01565EPSS

Exploits0

CVE•added 2019/03/12 6:0 a.m.•152 views

CVE-2019-9718

CVE-2019-9718 is a DoS in FFmpeg’s subtitle decoder, affecting FFmpeg 3.2 and 4.1 via the Matroska subtitle path. The root cause is a complex format string in ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c that enables consuming excessive CPU when parsing crafted Matroska subtitles. Public ad...

6.5CVSS6.3AI score0.01565EPSS

Exploits0References6Affected Software1

OSV•added 2019/03/12 12:0 a.m.•0 views

UBUNTU-CVE-2019-9721

6.5CVSS6.7AI score0.01423EPSS

Exploits0References4

UbuntuCve•added 2019/03/12 12:0 a.m.•29 views

CVE-2019-9721

6.5CVSS6.8AI score0.01423EPSS

Exploits0References3

CNVD•added 2019/03/12 12:0 a.m.•2 views

FFmpeg 'ff_htmlmarkup_to_ass' function denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ffhtmlmarkuptoass' function in the libavcodec/htmlsubtitles.c file of the subtitle decoder in FFmpeg version 4.1. A remote attacker can exploit this...

6.5CVSS6.8AI score0.01565EPSS

Exploits0References1

UbuntuCve•added 2019/03/12 12:0 a.m.•28 views

CVE-2019-9718

6.5CVSS6.8AI score0.01565EPSS

Exploits0References3

Positive Technologies•added 2019/02/06 12:0 a.m.•4 views

PT-2019-4946 · FFmpeg +3 · Ffmpeg +3

Name of the Vulnerable Software and Affected Versions: FFmpeg versions 3.2 through 4.1 Description: The issue is related to a denial of service in the subtitle decoder, specifically due to the handle open brace function in libavcodec/htmlsubtitles.c, which has a complex format argument to sscanf...

10CVSS6.2AI score0.03756EPSS

Exploits28References128

Positive Technologies•added 2019/01/06 12:0 a.m.•3 views

PT-2019-4614 · FFmpeg +3 · Ffmpeg +3

Name of the Vulnerable Software and Affected Versions: FFmpeg versions 3.2 through 4.1 Description: The issue is related to a denial of service in the subtitle decoder, allowing attackers to consume excessive CPU resources via a crafted video file in Matroska format. This is due to the ff...

10CVSS7AI score0.04244EPSS

Exploits3References60