Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.
Max CVSS
9.8
EPSS Score
0.20%
Published
2024-01-27
Updated
2024-02-02
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
Max CVSS
9.8
EPSS Score
0.20%
Published
2024-01-27
Updated
2024-02-02
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).
Max CVSS
8.1
EPSS Score
0.15%
Published
2023-03-29
Updated
2023-12-23
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544.
Max CVSS
8.1
EPSS Score
0.14%
Published
2022-11-13
Updated
2023-12-23
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543.
Max CVSS
8.1
EPSS Score
0.14%
Published
2022-11-13
Updated
2023-12-23
A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting in a small allocation with `av_calloc()`. An attacker can cause remote code execution via a malicious mp4 file. We recommend upgrading past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05
Max CVSS
9.0
EPSS Score
0.10%
Published
2022-09-23
Updated
2023-06-27
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.
Max CVSS
9.8
EPSS Score
0.83%
Published
2021-08-21
Updated
2023-12-23
Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
Max CVSS
8.8
EPSS Score
0.16%
Published
2021-09-20
Updated
2021-09-23
Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
Max CVSS
8.8
EPSS Score
0.16%
Published
2021-09-20
Updated
2021-09-23
Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
Max CVSS
8.8
EPSS Score
0.16%
Published
2021-09-20
Updated
2021-09-23
Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
Max CVSS
8.8
EPSS Score
0.16%
Published
2021-09-20
Updated
2021-09-23
Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
Max CVSS
8.8
EPSS Score
0.16%
Published
2021-09-20
Updated
2021-09-23
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.
Max CVSS
8.8
EPSS Score
0.18%
Published
2021-06-03
Updated
2023-12-23
FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution.
Max CVSS
8.8
EPSS Score
2.06%
Published
2021-04-07
Updated
2021-09-29
Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to memcpy without length checks, which could let a remote malicious user execute arbitrary code.
Max CVSS
8.8
EPSS Score
0.08%
Published
2021-05-26
Updated
2021-05-28
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.29%
Published
2021-06-01
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.20%
Published
2021-06-01
Updated
2022-06-28
A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.29%
Published
2021-05-27
Updated
2022-10-26
A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.13%
Published
2021-05-27
Updated
2022-10-25
A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in filter16_complex_low, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.25%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.20%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.13%
Published
2021-05-27
Updated
2022-10-25
A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.16%
Published
2021-05-27
Updated
2021-11-05