Ffmpeg

Ffmpeg

484 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2024-22862

  • EPSS 2%
  • Published 27.01.2024 06:15:48
  • Last modified 11.08.2025 10:30:47

Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.

7.8

CVE-2023-47470

  • EPSS 1.36%
  • Published 16.11.2023 03:15:07
  • Last modified 11.08.2025 13:51:26

Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct f...

5.5

CVE-2023-46407

  • EPSS 0.02%
  • Published 27.10.2023 20:15:09
  • Last modified 11.08.2025 10:30:44

FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.

5.5

CVE-2021-28429

  • EPSS 0.02%
  • Published 11.08.2023 14:15:12
  • Last modified 21.11.2024 05:59:39

Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.

7.5

CVE-2020-36138

  • EPSS 0.28%
  • Published 11.08.2023 14:15:11
  • Last modified 21.11.2024 05:28:47

An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS).

8.1

CVE-2022-48434

Exploit
  • EPSS 0.25%
  • Published 29.03.2023 17:15:07
  • Last modified 21.11.2024 07:33:20

libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re...

5.3

CVE-2022-3341

  • EPSS 0.1%
  • Published 12.01.2023 15:15:10
  • Last modified 07.08.2025 19:26:02

A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers the null pointer der...

7.5

CVE-2022-3109

  • EPSS 0.23%
  • Published 16.12.2022 15:15:09
  • Last modified 07.08.2025 19:26:18

An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.

8.1

CVE-2022-3965

  • EPSS 0.04%
  • Published 13.11.2022 08:15:15
  • Last modified 21.11.2024 07:20:37

A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads ...

8.1

CVE-2022-3964

  • EPSS 0.06%
  • Published 13.11.2022 08:15:14
  • Last modified 21.11.2024 07:20:37

A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It i...