Filtered by vendor Ffmpeg Subscriptions
Total 441 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-20902 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.5 Medium
A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c in FFmpeg 4.2.1 during computation of the denominator of pseudo-normalized correlation R'(0), that could result in disclosure of information.
CVE-2020-20898 1 Ffmpeg 1 Ffmpeg 2024-11-21 8.8 High
Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
CVE-2020-20896 1 Ffmpeg 1 Ffmpeg 2024-11-21 8.8 High
An issue was discovered in function latm_write_packet in libavformat/latmenc.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a Null pointer dereference.
CVE-2020-20892 1 Ffmpeg 1 Ffmpeg 2024-11-21 8.8 High
An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a division by zero.
CVE-2020-20891 1 Ffmpeg 1 Ffmpeg 2024-11-21 8.8 High
Buffer Overflow vulnerability in function config_input in libavfilter/vf_gblur.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
CVE-2020-20453 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 6.5 Medium
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service
CVE-2020-20451 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 7.5 High
Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.
CVE-2020-20450 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 7.5 High
FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service.
CVE-2020-20448 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.5 Medium
FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/ratecontrol.c, which allows a remote malicious user to cause a Denial of Service.
CVE-2020-20446 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 6.5 Medium
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.
CVE-2020-20445 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 6.5 Medium
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service.
CVE-2020-14212 1 Ffmpeg 1 Ffmpeg 2024-11-21 8.8 High
FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted.
CVE-2020-13904 3 Canonical, Debian, Ffmpeg 3 Ubuntu Linux, Debian Linux, Ffmpeg 2024-11-21 5.5 Medium
FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.
CVE-2020-12284 3 Canonical, Debian, Ffmpeg 3 Ubuntu Linux, Debian Linux, Ffmpeg 2024-11-21 9.8 Critical
cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check.
CVE-2019-9721 2 Canonical, Ffmpeg 2 Ubuntu Linux, Ffmpeg 2024-11-21 6.5 Medium
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
CVE-2019-9718 3 Canonical, Debian, Ffmpeg 3 Ubuntu Linux, Debian Linux, Ffmpeg 2024-11-21 6.5 Medium
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf.
CVE-2019-17542 3 Canonical, Debian, Ffmpeg 3 Ubuntu Linux, Debian Linux, Ffmpeg 2024-11-21 9.8 Critical
FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c.
CVE-2019-17539 3 Canonical, Debian, Ffmpeg 3 Ubuntu Linux, Debian Linux, Ffmpeg 2024-11-21 9.8 Critical
In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer.
CVE-2019-15942 1 Ffmpeg 1 Ffmpeg 2024-11-21 8.8 High
FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer.
CVE-2019-13390 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A
In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in libavformat/rawenc.c.