VYPR

rpm package

suse/ffmpeg-4&distro=SUSE Linux Enterprise Workstation Extension 15 SP5

pkg:rpm/suse/ffmpeg-4&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5

Vulnerabilities (14)

  • CVE-2024-7055Aug 6, 2024
    affected < 4.4-150400.3.42.1fixed 4.4-150400.3.42.1

    A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit h

  • CVE-2024-32230Jul 1, 2024
    affected < 4.4-150400.3.37.1fixed 4.4-150400.3.37.1

    FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0

  • CVE-2023-47282LowMay 16, 2024
    affected < 4.4-150400.3.42.1fixed 4.4-150400.3.42.1

    Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-22656LowMay 16, 2024
    affected < 4.4-150400.3.42.1fixed 4.4-150400.3.42.1

    Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-47169May 16, 2024
    affected < 4.4-150400.3.42.1fixed 4.4-150400.3.42.1

    Improper buffer restrictions in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2023-45221May 16, 2024
    affected < 4.4-150400.3.42.1fixed 4.4-150400.3.42.1

    Improper buffer restrictions in Intel(R) Media SDK all versions may allow an authenticated user to potentially enable escalation of privilege via local access.

  • CVE-2023-48368May 16, 2024
    affected < 4.4-150400.3.42.1fixed 4.4-150400.3.42.1

    Improper input validation in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of service via local access.

  • CVE-2023-51794Apr 26, 2024
    affected < 4.4-150400.3.32.1fixed 4.4-150400.3.32.1

    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69.

  • CVE-2023-51798Apr 19, 2024
    affected < 4.4-150400.3.37.1fixed 4.4-150400.3.37.1

    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.

  • CVE-2023-51793Apr 19, 2024
    affected < 4.4-150400.3.24.1fixed 4.4-150400.3.24.1

    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.

  • CVE-2023-50010Apr 19, 2024
    affected < 4.4-150400.3.27.1fixed 4.4-150400.3.27.1

    FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.

  • CVE-2023-49502Apr 19, 2024
    affected < 4.4-150400.3.24.1fixed 4.4-150400.3.24.1

    Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.

  • CVE-2024-31578Apr 17, 2024
    affected < 4.4-150400.3.24.1fixed 4.4-150400.3.24.1

    FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.

  • CVE-2020-22021May 26, 2021
    affected < 4.4-150400.3.32.1fixed 4.4-150400.3.32.1

    Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service.