Product:

Ffmpeg

(Ffmpeg)
Repositories https://github.com/FFmpeg/FFmpeg
#Vulnerabilities 458
Date Id Summary Products Score Patch Annotated
2024-01-27 CVE-2024-22862 Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. Ffmpeg 9.8
2024-12-31 CVE-2023-6602 A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists. Ffmpeg 5.3
2024-12-31 CVE-2023-6603 A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability allows a denial of service via a maliciously crafted HLS playlist that triggers a null pointer dereference during initialization. Ffmpeg 7.5
2024-01-27 CVE-2024-22860 Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. Ffmpeg 9.8
2024-04-17 CVE-2024-31585 FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Fedora, Ffmpeg N/A
2024-04-19 CVE-2023-50009 FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 component. Fedora, Ffmpeg N/A
2024-04-19 CVE-2023-50010 FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id function in /fftools/ffmpeg_enc.c component. Fedora, Ffmpeg N/A
2024-04-19 CVE-2023-50007 FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component. Fedora, Ffmpeg N/A
2024-04-19 CVE-2023-50008 FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:9 component. Fedora, Ffmpeg N/A
2024-04-17 CVE-2024-31578 FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. Fedora, Ffmpeg N/A