Filtered by vendor Ffmpeg
Subscriptions
Total
441 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-3566 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-08-03 | 5.5 Medium |
| Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg). | ||||
| CVE-2022-3965 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-03 | 4.3 Medium |
| A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544. | ||||
| CVE-2022-3964 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-03 | 4.3 Medium |
| A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543. | ||||
| CVE-2022-3341 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-03 | 5.3 Medium |
| A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash. | ||||
| CVE-2022-3109 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-03 | 7.5 High |
| An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability. | ||||
| CVE-2022-1475 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-03 | 5.5 Medium |
| An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file. | ||||
| CVE-2023-51798 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 7.8 High |
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. | ||||
| CVE-2023-51795 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 8 High |
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame | ||||
| CVE-2023-51794 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 7.8 High |
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69. | ||||
| CVE-2023-51797 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 6.7 Medium |
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame | ||||
| CVE-2023-51793 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 7.8 High |
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane. | ||||
| CVE-2023-47470 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 7.8 High |
| Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c | ||||
| CVE-2023-46407 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 5.5 Medium |
| FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function. | ||||
| CVE-2024-32229 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 8.4 High |
| FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column. | ||||
| CVE-2024-32228 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 6.6 Medium |
| FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in hevc_frame_end. | ||||
| CVE-2024-31578 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 7.5 High |
| FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. | ||||
| CVE-2024-31581 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 9.8 Critical |
| FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the application. | ||||
| CVE-2024-31582 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-02 | 7.8 High |
| FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input. | ||||
| CVE-2024-22862 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-01 | 9.8 Critical |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. | ||||
| CVE-2024-22861 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-01 | 7.5 High |
| Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module. | ||||