Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg ffmpeg vulnerabilities and exploits
(subscribe to this query)
8.3
CVSSv3
CVE-2015-8663
The ff_get_buffer function in libavcodec/utils.c in FFmpeg prior to 2.8.4 preserves width and height values after a failure, which allows remote malicious users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted .mov ...
Ffmpeg Ffmpeg 2.8.3
8.1
CVSSv3
CVE-2022-48434
libavcodec/pthread_frame.c in FFmpeg prior to 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows malicious users to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a...
Ffmpeg Ffmpeg
8.1
CVSSv3
CVE-2022-3964
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the att...
Ffmpeg Ffmpeg
8.1
CVSSv3
CVE-2022-3965
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The att...
Ffmpeg Ffmpeg
8.1
CVSSv3
CVE-2018-13305
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of s...
Ffmpeg Ffmpeg 4.0.1
8.1
CVSSv3
CVE-2018-13300
In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and pos...
Ffmpeg Ffmpeg 4.0.1
Debian Debian Linux 9.0
7.8
CVSSv3
CVE-2023-47470
Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote malicious user to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/ev...
Ffmpeg Ffmpeg
7.8
CVSSv3
CVE-2022-2566
A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting i...
Ffmpeg Ffmpeg 5.1
1 Github repository
7.8
CVSSv3
CVE-2014-125020
A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.
Ffmpeg Ffmpeg 2.0
7.8
CVSSv3
CVE-2014-125024
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
Ffmpeg Ffmpeg 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »