Filtered by vendor Ffmpeg
Subscribe
Search
Total
422 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-38171 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2023-12-23 | 7.5 HIGH | 9.8 CRITICAL |
| adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted. | |||||
| CVE-2021-33815 | 1 Ffmpeg | 1 Ffmpeg | 2023-12-23 | 6.8 MEDIUM | 8.8 HIGH |
| dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked. | |||||
| CVE-2022-48434 | 1 Ffmpeg | 1 Ffmpeg | 2023-12-23 | N/A | 8.1 HIGH |
| libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used). | |||||
| CVE-2022-3965 | 1 Ffmpeg | 1 Ffmpeg | 2023-12-23 | N/A | 8.1 HIGH |
| A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544. | |||||
| CVE-2022-3964 | 1 Ffmpeg | 1 Ffmpeg | 2023-12-23 | N/A | 8.1 HIGH |
| A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543. | |||||
| CVE-2022-1475 | 1 Ffmpeg | 1 Ffmpeg | 2023-12-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file. | |||||
| CVE-2021-38291 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2023-12-23 | 5.0 MEDIUM | 7.5 HIGH |
| FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. | |||||
| CVE-2023-47470 | 1 Ffmpeg | 1 Ffmpeg | 2023-11-29 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c | |||||
| CVE-2021-28429 | 1 Ffmpeg | 1 Ffmpeg | 2023-08-18 | N/A | 5.5 MEDIUM |
| Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. | |||||
| CVE-2020-36138 | 1 Ffmpeg | 1 Ffmpeg | 2023-08-16 | N/A | 7.5 HIGH |
| An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS). | |||||
| CVE-2023-39018 | 1 Ffmpeg | 1 Ffmpeg | 2023-08-03 | N/A | 9.8 CRITICAL |
| FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.<constructor>. This vulnerability is exploited via passing an unchecked argument. | |||||
| CVE-2020-22025 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2020-22017 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2020-22033 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-07-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service. | |||||
| CVE-2020-22034 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2020-22032 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2014-125024 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125025 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125023 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125022 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125021 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125019 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125020 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125018 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125005 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125007 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is the function intra_pred of the file libavcodec/hevcpred_template.c. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125006 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function output_frame of the file libavcodec/h264.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125004 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125002 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125003 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125009 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function add_yblock of the file libavcodec/snow.h. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125008 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as problematic has been found in FFmpeg 2.0. Affected is the function vorbis_header of the file libavformat/oggparsevorbis.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125010 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125011 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function decode_frame of the file libavcodec/ansi.c. The manipulation leads to integer coercion error. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125012 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is an unknown function of the file libavcodec/dxtroy.c. The manipulation leads to integer coercion error. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125013 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function msrle_decode_frame of the file libavcodec/msrle.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125015 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability classified as critical has been found in FFmpeg 2.0. Affected is the function read_var_block_data. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125014 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as problematic was found in FFmpeg 2.0. Affected by this vulnerability is an unknown functionality of the component HEVC Video Decoder. The manipulation leads to memory corruption. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125016 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in FFmpeg 2.0. It has been rated as problematic. This issue affects the function ff_init_buffer_info of the file utils.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2014-125017 | 1 Ffmpeg | 1 Ffmpeg | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability classified as critical was found in FFmpeg 2.0. This vulnerability affects the function rpza_decode_stream. The manipulation leads to memory corruption. The attack can be initiated remotely. The name of the patch is Fixes Invalid Writes. It is recommended to apply a patch to fix this issue. | |||||
| CVE-2020-12284 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2022-04-29 | 10.0 HIGH | 9.8 CRITICAL |
| cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check. | |||||
| CVE-2020-21041 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service | |||||
| CVE-2020-20446 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service. | |||||
| CVE-2020-20453 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service | |||||
| CVE-2020-20445 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service. | |||||
| CVE-2020-22037 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c. | |||||
| CVE-2020-22044 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c. | |||||
| CVE-2020-22046 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c. | |||||
| CVE-2020-22048 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c. | |||||
| CVE-2020-22049 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-11-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c. | |||||