Ffmpeg : Security Vulnerabilities, CVEs,
FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-17
Updated
2024-04-17
FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-17
Updated
2024-04-17
FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the application.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-17
Updated
2024-04-17
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module.
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-01-27
Updated
2024-02-02
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the set_encoder_id function in /fftools/ffmpeg_enc.c component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 component.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the av_malloc function in libavutil/mem.c:105:9 component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via theav_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-12
Updated
2024-04-12
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-19
Updated
2024-04-19
Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c
Max CVSS
7.8
EPSS Score
0.14%
Published
2023-11-16
Updated
2023-11-29
FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.
Max CVSS
5.5
EPSS Score
0.05%
Published
2023-10-27
Updated
2024-01-30
A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash.
Max CVSS
5.3
EPSS Score
0.09%
Published
2023-01-12
Updated
2023-06-13
An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
Max CVSS
7.5
EPSS Score
0.14%
Published
2022-12-16
Updated
2023-06-13
An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.
Max CVSS
5.5
EPSS Score
0.06%
Published
2022-05-02
Updated
2023-12-23
FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.
Max CVSS
7.5
EPSS Score
0.41%
Published
2021-08-12
Updated
2023-12-23
libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.
Max CVSS
5.5
EPSS Score
0.09%
Published
2021-08-04
Updated
2021-11-28