Vulnerabilities (CVE)

Filtered by vendor Ffmpeg Subscribe
Filtered by product Ffmpeg
Total 457 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-1475 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file.
CVE-2021-3566 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg).
CVE-2021-38291 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 5.0 MEDIUM 7.5 HIGH
FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.
CVE-2021-38171 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 7.5 HIGH 9.8 CRITICAL
adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step because the second argument to init_get_bits can be crafted.
CVE-2021-38114 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.
CVE-2021-38094 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
CVE-2021-38093 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
CVE-2021-38092 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
CVE-2021-38091 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
CVE-2021-38090 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
CVE-2021-33815 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 8.8 HIGH
dwa_uncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dc_count is not strictly checked.
CVE-2021-30123 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.8 MEDIUM 8.8 HIGH
FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution.
CVE-2021-28429 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A 5.5 MEDIUM
Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.
CVE-2020-36138 1 Ffmpeg 1 Ffmpeg 2024-11-21 N/A 7.5 HIGH
An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS).
CVE-2020-35965 2 Debian, Ffmpeg 2 Debian Linux, Ffmpeg 2024-11-21 5.0 MEDIUM 7.5 HIGH
decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations.
CVE-2020-35964 2 Ffmpeg, Linux 2 Ffmpeg, Linux Kernel 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing.
CVE-2020-24995 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.6 MEDIUM 7.8 HIGH
Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local).
CVE-2020-24020 1 Ffmpeg 1 Ffmpeg 2024-11-21 6.5 MEDIUM 8.8 HIGH
Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to memcpy without length checks, which could let a remote malicious user execute arbitrary code.
CVE-2020-23906 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity.
CVE-2020-22056 1 Ffmpeg 1 Ffmpeg 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the config_input function in af_acrossover.c.