Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ffmpeg vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-48434
libavcodec/pthread_frame.c in FFmpeg prior to 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows malicious users to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a...
Ffmpeg Ffmpeg
NA
CVE-2022-3341
A null pointer dereference issue exists in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer dereference error, causing an a...
Ffmpeg Ffmpeg
NA
CVE-2022-3109
An issue exists in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
Ffmpeg Ffmpeg
NA
CVE-2022-3964
A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the att...
Ffmpeg Ffmpeg
NA
CVE-2022-3965
A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The att...
Ffmpeg Ffmpeg
NA
CVE-2022-2566
A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting i...
Ffmpeg Ffmpeg 5.1
1 Github repository
NA
CVE-2020-28435
This affects all versions of package ffmpeg-sdk. The injection point is located in line 9 in index.js.
Ffmpeg-sdk Project Ffmpeg-sdk
446
VMScore
CVE-2022-22025
Windows Internet Information Services Cachuri Module Denial of Service Vulnerability
Microsoft Windows 10 1607
Microsoft Windows Server 2008 R2
Microsoft Windows 7 -
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016 -
Microsoft Windows Rt 8.1 -
Microsoft Windows Server 2012 -
Microsoft Windows Server 2008 -
Microsoft Windows 8.1 -
Microsoft Windows Server 2019 -
Microsoft Windows 10 1809
Microsoft Windows 10 20h2
Microsoft Windows 10 21h1
Microsoft Windows Server 2022 -
Microsoft Windows 11 -
Microsoft Windows 10 21h2
605
VMScore
CVE-2014-125020
A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue.
Ffmpeg Ffmpeg 2.0
383
VMScore
CVE-2014-125018
A vulnerability, which was classified as problematic, has been found in FFmpeg 2.0. Affected by this issue is the function decode_slice_header. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue.
Ffmpeg Ffmpeg 2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »