Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ffmpeg
(Ffmpeg)| Repositories | https://github.com/FFmpeg/FFmpeg |
| #Vulnerabilities | 426 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-06-01 | CVE-2020-22038 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c. | Ffmpeg | 6.5 | ||
| 2021-06-01 | CVE-2020-22039 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the inavi_add_ientry function. | Ffmpeg | 6.5 | ||
| 2021-06-01 | CVE-2020-22040 | A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a memory leak in the v_frame_alloc function in frame.c. | Ffmpeg | 6.5 | ||
| 2021-06-01 | CVE-2020-22043 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c. | Ffmpeg | 6.5 | ||
| 2021-06-02 | CVE-2020-22056 | A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the config_input function in af_acrossover.c. | Ffmpeg | 6.5 | ||
| 2021-05-26 | CVE-2020-22024 | Buffer Overflow vulnerability in FFmpeg 4.2 at the lagfun_frame16 function in libavfilter/vf_lagfun.c, which could let a remote malicious user cause Denial of Service. | Ffmpeg | 6.5 | ||
| 2021-05-25 | CVE-2020-20448 | FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/ratecontrol.c, which allows a remote malicious user to cause a Denial of Service. | Ffmpeg | 6.5 | ||
| 2018-02-05 | CVE-2018-6621 | The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. | Debian_linux, Ffmpeg | 6.5 | ||
| 2018-07-19 | CVE-2018-14395 | libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format. | Debian_linux, Ffmpeg | 6.5 | ||
| 2018-06-15 | CVE-2018-12458 | An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. | Debian_linux, Ffmpeg | 6.5 |