Filtered by vendor Ffmpeg
Subscribe
Total
482 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-35367 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 9.1 CRITICAL |
| FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer | |||||
| CVE-2024-35366 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 9.1 CRITICAL |
| FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration values to be accepted without proper bounds checking. | |||||
| CVE-2024-35365 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 8.8 HIGH |
| FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_stream_audio function. | |||||
| CVE-2024-32230 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 7.8 HIGH |
| FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture in FFmpeg7.0 | |||||
| CVE-2024-32229 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 8.4 HIGH |
| FFmpeg 7.0 contains a heap-buffer-overflow at libavfilter/vf_tiltandshift.c:189:5 in copy_column. | |||||
| CVE-2024-32228 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 6.6 MEDIUM |
| FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a SEGV at libavcodec/hevcdec.c:2947:22 in hevc_frame_end. | |||||
| CVE-2024-31585 | 2 Fedoraproject, Ffmpeg | 2 Fedora, Ffmpeg | 2026-06-17 | N/A | 5.3 MEDIUM |
| FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2024-31582 | 2 Fedoraproject, Ffmpeg | 2 Fedora, Ffmpeg | 2026-06-17 | N/A | 7.8 HIGH |
| FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input. | |||||
| CVE-2024-31581 | 2 Fedoraproject, Ffmpeg | 2 Fedora, Ffmpeg | 2026-06-17 | N/A | 9.8 CRITICAL |
| FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the application. | |||||
| CVE-2024-31578 | 2 Fedoraproject, Ffmpeg | 2 Fedora, Ffmpeg | 2026-06-17 | N/A | 7.5 HIGH |
| FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. | |||||
| CVE-2024-22862 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 9.8 CRITICAL |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. | |||||
| CVE-2024-22861 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 7.5 HIGH |
| Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module. | |||||
| CVE-2024-22860 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 9.8 CRITICAL |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. | |||||
| CVE-2023-6605 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 7.2 HIGH |
| A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs. | |||||
| CVE-2023-6604 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 5.3 MEDIUM |
| A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation. | |||||
| CVE-2023-6603 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 7.5 HIGH |
| A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization. | |||||
| CVE-2023-6602 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 5.3 MEDIUM |
| A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists. | |||||
| CVE-2023-6601 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-17 | N/A | 4.7 MEDIUM |
| A flaw was found in FFmpeg's HLS demuxer. This vulnerability allows bypassing unsafe file extension checks and triggering arbitrary demuxers via base64-encoded data URIs appended with specific file extensions. | |||||
| CVE-2023-51798 | 2 Fedoraproject, Ffmpeg | 2 Fedora, Ffmpeg | 2026-06-17 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. | |||||
| CVE-2023-51797 | 2 Fedoraproject, Ffmpeg | 2 Fedora, Ffmpeg | 2026-06-17 | N/A | 6.7 MEDIUM |
| Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame | |||||