Total
429 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-32230 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-22 | N/A | 7.8 HIGH |
| FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0 | |||||
| CVE-2024-7272 | 1 Ffmpeg | 1 Ffmpeg | 2024-08-13 | 7.5 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component. | |||||
| CVE-2024-22862 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | N/A | 9.8 CRITICAL |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. | |||||
| CVE-2024-22860 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | N/A | 9.8 CRITICAL |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. | |||||
| CVE-2024-22861 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | N/A | 7.5 HIGH |
| Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module. | |||||
| CVE-2023-47470 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c | |||||
| CVE-2020-36138 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | N/A | 7.5 HIGH |
| An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS). | |||||
| CVE-2021-28429 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | N/A | 5.5 MEDIUM |
| Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. | |||||
| CVE-2023-46407 | 1 Ffmpeg | 1 Ffmpeg | 2024-02-28 | N/A | 5.5 MEDIUM |
| FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function. | |||||