VYPR

Vendor CVEs

FFmpeg

All CVEs

510 total · sorted by risk
  • CVE-2023-51793Apr 19, 2024
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.

  • CVE-2023-51798Apr 19, 2024
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.

  • CVE-2023-50008Apr 19, 2024
    risk 0.00cvss epss 0.00

    FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:9 component.

  • CVE-2023-50007Apr 19, 2024
    risk 0.00cvss epss 0.00

    FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.

  • CVE-2023-51795Apr 19, 2024
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame

  • CVE-2023-51797Apr 19, 2024
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame

  • CVE-2023-50010Apr 19, 2024
    risk 0.00cvss epss 0.00

    FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component.

  • CVE-2023-51796Apr 19, 2024
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.

  • CVE-2023-50009Apr 19, 2024
    risk 0.00cvss epss 0.00

    FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 component.

  • CVE-2023-51791Apr 19, 2024
    risk 0.00cvss epss 0.00

    Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map.

  • CVE-2023-49502Apr 19, 2024
    risk 0.00cvss epss 0.02

    Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.

  • CVE-2024-31581Apr 17, 2024
    risk 0.00cvss epss 0.01

    FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the application.

  • CVE-2024-31578Apr 17, 2024
    risk 0.00cvss epss 0.01

    FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.

  • CVE-2024-31582Apr 17, 2024
    risk 0.00cvss epss 0.00

    FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.

  • CVE-2024-31585Apr 17, 2024
    risk 0.00cvss epss 0.00

    FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

  • CVE-2023-49528Apr 12, 2024
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.

  • CVE-2024-22862Jan 27, 2024
    risk 0.00cvss epss 0.01

    Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.

  • CVE-2024-22860Jan 27, 2024
    risk 0.00cvss epss 0.01

    Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.

  • CVE-2024-22861Jan 27, 2024
    risk 0.00cvss epss 0.01

    Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module.

  • CVE-2023-47470Nov 16, 2023
    risk 0.00cvss epss 0.01

    Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c

  • CVE-2023-46407Oct 27, 2023
    risk 0.00cvss epss 0.00

    FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.

  • CVE-2020-36138Aug 11, 2023
    risk 0.00cvss epss 0.01

    An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS).

  • CVE-2021-28429Aug 11, 2023
    risk 0.00cvss epss 0.00

    Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.

  • CVE-2023-39018Jul 28, 2023
    risk 0.00cvss epss 0.01

    FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.. This vulnerability is exploited via passing an unchecked argument. NOTE: this is disputed by multiple third parties because there are no…

  • CVE-2022-48434Mar 29, 2023
    risk 0.00cvss epss 0.02

    libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a…

  • CVE-2022-3341Jan 12, 2023
    risk 0.00cvss epss 0.01

    A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an…

  • CVE-2022-3109Dec 16, 2022
    risk 0.00cvss epss 0.01

    An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.

  • CVE-2022-3965Nov 13, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The…

  • CVE-2022-3964Nov 13, 2022
    risk 0.00cvss epss 0.03

    A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the…

  • CVE-2022-2566Sep 23, 2022
    risk 0.00cvss epss 0.01

    A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting in a…

  • CVE-2014-125025Jun 19, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue.

  • CVE-2014-125024Jun 19, 2022
    risk 0.00cvss epss 0.00

    A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.

  • CVE-2014-125023Jun 19, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is…

  • CVE-2014-125022Jun 19, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply…

  • CVE-2014-125021Jun 19, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue.

  • CVE-2014-125020Jun 19, 2022
    risk 0.00cvss epss 0.00

    A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.

  • CVE-2014-125019Jun 19, 2022
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to…

  • CVE-2014-125018Jun 19, 2022
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.

  • CVE-2014-125017Jun 18, 2022
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to…

  • CVE-2014-125016Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this…

  • CVE-2014-125015Jun 18, 2022
    risk 0.00cvss epss 0.00

    A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue.

  • CVE-2014-125014Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch…

  • CVE-2014-125013Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix…

  • CVE-2014-125012Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to…

  • CVE-2014-125011Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to…

  • CVE-2014-125010Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch…

  • CVE-2014-125009Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this…

  • CVE-2014-125008Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch…

  • CVE-2014-125007Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a…

  • CVE-2014-125006Jun 18, 2022
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a…

Page 4 of 11