Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c
Max CVSS
7.8
EPSS Score
0.14%
Published
2023-11-16
Updated
2023-11-29
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).
Max CVSS
8.1
EPSS Score
0.12%
Published
2023-03-29
Updated
2023-12-23
A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an application to crash.
Max CVSS
5.3
EPSS Score
0.09%
Published
2023-01-12
Updated
2023-06-13
An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
Max CVSS
7.5
EPSS Score
0.13%
Published
2022-12-16
Updated
2023-06-13
decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations.
Max CVSS
7.5
EPSS Score
0.87%
Published
2021-01-04
Updated
2021-11-05
track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing.
Max CVSS
6.5
EPSS Score
0.28%
Published
2021-01-03
Updated
2022-08-06
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.29%
Published
2021-06-01
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.20%
Published
2021-06-01
Updated
2022-06-28
A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.29%
Published
2021-05-27
Updated
2022-10-26
A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote malicious user cause a Denial of Service.
Max CVSS
6.5
EPSS Score
0.19%
Published
2021-05-27
Updated
2022-10-26
A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.13%
Published
2021-05-27
Updated
2022-10-25
A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in filter16_complex_low, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.25%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.20%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfade_samples_fltp, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.13%
Published
2021-05-27
Updated
2022-10-25
A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_bitplanenoise.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.16%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_fieldorder.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.29%
Published
2021-05-27
Updated
2021-11-05
A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.17%
Published
2021-05-27
Updated
2022-09-13
A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files, which might lead to memory corruption and other potential consequences.
Max CVSS
8.8
EPSS Score
0.29%
Published
2021-05-27
Updated
2021-11-05
A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS) via a crafted avi file.
Max CVSS
6.5
EPSS Score
0.10%
Published
2021-08-10
Updated
2021-11-30
A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code.
Max CVSS
8.8
EPSS Score
0.24%
Published
2021-08-10
Updated
2021-11-30
An issue was discovered in function latm_write_packet in libavformat/latmenc.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a Null pointer dereference.
Max CVSS
8.8
EPSS Score
0.18%
Published
2021-09-20
Updated
2021-09-24
FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service.
Max CVSS
7.5
EPSS Score
0.08%
Published
2021-05-25
Updated
2021-11-30
FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted.
Max CVSS
8.8
EPSS Score
0.24%
Published
2020-06-16
Updated
2020-09-18
91 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!