VYPR

Ffmpeg

by FFmpeg

Source repositories

CVEs (507)

  • CVE-2024-31585Apr 17, 2024
    risk 0.00cvss epss 0.00

    FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2024-31582Apr 17, 2024
    risk 0.00cvss epss 0.00

    FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.

  • CVE-2024-31578Apr 17, 2024
    risk 0.00cvss epss 0.01

    FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.

  • CVE-2023-49528Apr 12, 2024
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.

  • CVE-2024-22862Jan 27, 2024
    risk 0.00cvss epss 0.01

    Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.

  • CVE-2024-22860Jan 27, 2024
    risk 0.00cvss epss 0.01

    Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.

  • CVE-2024-22861Jan 27, 2024
    risk 0.00cvss epss 0.01

    Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module.

  • CVE-2023-47470Nov 16, 2023
    risk 0.00cvss epss 0.01

    Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c

  • CVE-2023-46407Oct 27, 2023
    risk 0.00cvss epss 0.00

    FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.

  • CVE-2020-36138Aug 11, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS).

  • CVE-2021-28429Aug 11, 2023
    risk 0.00cvss epss 0.00

    Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.

  • CVE-2023-39018Jul 28, 2023
    risk 0.00cvss epss 0.01

    FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple third parties because there are no…

  • CVE-2022-48434Mar 29, 2023
    risk 0.00cvss epss 0.02

    libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a…

  • CVE-2022-3341Jan 12, 2023
    risk 0.00cvss epss 0.01

    A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an…

  • CVE-2022-3109Dec 16, 2022
    risk 0.00cvss epss 0.01

    An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.

  • CVE-2022-3964Nov 13, 2022
    risk 0.00cvss epss 0.03

    A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the…

  • CVE-2022-3965Nov 13, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The…

  • CVE-2022-2566Sep 23, 2022
    risk 0.00cvss epss 0.01

    A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting in a…

  • CVE-2014-125025Jun 19, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.

  • CVE-2014-125024Jun 19, 2022
    risk 0.00cvss epss 0.00

    A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.

Page 9 of 26