| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-11338 | 6.8 |
libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via c
|
07-10-2022 - 17:50 | 19-04-2019 - 00:29 | |
| CVE-2019-9718 | 4.3 |
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
|
07-10-2022 - 02:15 | 12-03-2019 - 09:29 | |
| CVE-2018-15822 | 5.0 |
The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure.
|
07-10-2022 - 02:10 | 23-08-2018 - 23:29 | |
| CVE-2019-9721 | 4.3 |
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
|
07-10-2022 - 01:57 | 12-03-2019 - 09:29 | |
| CVE-2019-11339 | 6.8 |
The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via crafted MPEG-4 video dat
|
06-05-2019 - 21:29 | 19-04-2019 - 00:29 |