| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-11338 | 6.8 |
libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via c
|
07-10-2022 - 17:50 | 19-04-2019 - 00:29 | |
| CVE-2019-9718 | 4.3 |
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
|
07-10-2022 - 02:15 | 12-03-2019 - 09:29 | |
| CVE-2018-15822 | 5.0 |
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.
|
07-10-2022 - 02:10 | 23-08-2018 - 23:29 | |
| CVE-2018-1999011 | 6.8 |
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via
|
23-05-2019 - 11:29 | 23-07-2018 - 15:29 |