pkg:Debian/ffmpeg

421 total CVEsCRITICAL31HIGH114MEDIUM126LOW1

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2026-40962FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.…
from 0
CRITICAL9.8CVE-2024-35368FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c.
from 0, < 7:4.3.8-0+deb11u2
CRITICAL9.8CVE-2024-31581FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c.
from 0, < 7:7.0.1-3
CRITICAL9.8CVE-2024-22862Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.
from 0, < 7:6.1-1
CRITICAL9.8CVE-2024-22860Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet com…
from 0, < 7:6.1-1
CRITICAL9.8CVE-2021-38171adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not check the init_get_bits return value, which is a necessary step becau…
from 0, < 7:4.3.3-0+deb11u1
CRITICAL9.8CVE-2020-12284cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling b…
from 0, < 7:4.2.3-1
CRITICAL9.8CVE-2019-17542FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/v…
from 0, < 7:4.2.1-1
CRITICAL9.8CVE-2019-17539ffmpeg - security update
from 0, < 7:4.2.1-1
CRITICAL9.8CVE-2019-17539ffmpeg - security update
from 0, < 7:3.2.15-0+deb9u2
CRITICAL9.8CVE-2019-12730ffmpeg - security update
from 0, < 7:4.1.4-1
CRITICAL9.8CVE-2019-12730ffmpeg - security update
from 0, < 7:4.1.4-1~deb10u1
CRITICAL9.8CVE-2018-1999010FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol tha…
from 0, < 7:4.0.2-1
CRITICAL9.8CVE-2017-16840The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because…
from 0, < 7:3.4.1-1
CRITICAL9.8CVE-2012-2781Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8CVE-2012-2780Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8CVE-2012-2778Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8CVE-2012-2773Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2771, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8CVE-2012-2771Unspecified vulnerability in FFmpeg before 0.10.3 has unknown impact and attack vectors, a different vulnerability than CVE-2012-2773, CVE-…
from 0, < 7:2.4.1-1
CRITICAL9.8CVE-2017-9051libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavforma…
from 0, < 7:2.6.1-1
CRITICAL9.8CVE-2017-7866FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcod…
from 0, < 7:3.2.4-1
CRITICAL9.8CVE-2017-7865FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA f…
from 0, < 7:3.2.4-1
CRITICAL9.8CVE-2017-7863FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in l…
from 0, < 7:3.2.4-1
CRITICAL9.8CVE-2017-7862FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcod…
from 0, < 7:3.2.4-1
CRITICAL9.8CVE-2016-10192Heap-based buffer overflow in ffserver.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 allows rem…
from 0, < 7:3.2.2-1
CRITICAL9.8CVE-2016-10191Heap-based buffer overflow in libavformat/rtmppkt.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2…
from 0, < 7:3.2.2-1
CRITICAL9.8CVE-2016-10190Heap-based buffer overflow in libavformat/http.c in FFmpeg before 2.8.10, 3.0.x before 3.0.5, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 al…
from 0, < 7:3.2.2-1
CRITICAL9.8CVE-2016-6164Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 all…
from 0, < 7:3.1.1-1
CRITICAL9.1CVE-2024-35367ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u2
CRITICAL9.1CVE-2024-35367ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u2
CRITICAL9.1CVE-2024-35366FFmpeg n6.1.1 is Integer Overflow.
from 0, < 7:4.3.7-0+deb11u1
HIGH8.8CVE-2025-1594A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1.
from 0, < 7:4.3.9-0+deb11u2
HIGH8.8CVE-2024-35365FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_str…
from 0, < 7:7.0.1-3
HIGH8.8CVE-2024-7272A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5.
from 0, < 7:5.1.6-0+deb12u1
HIGH8.8CVE-2024-7055ffmpeg - security update
from 0, < 7:5.1.6-0+deb12u1
HIGH8.8CVE-2024-7055ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u1
HIGH8.8CVE-2023-49502ffmpeg - security update
from 0, < 7:5.1.7-0+deb12u1
HIGH8.8CVE-2023-49502ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u1
HIGH8.8CVE-2023-49502ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u1
HIGH8.8CVE-2022-4907ffmpeg - security update
from 0, < 7:5.1.4-0+deb12u1
HIGH8.8CVE-2022-4907ffmpeg - security update
from 0, < 7:5.1.4-0+deb12u1
HIGH8.8CVE-2021-38094Integer Overflow vulnerability in function filter_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial…
from 0, < 7:4.3-2
HIGH8.8CVE-2021-38093Integer Overflow vulnerability in function filter_robert in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denia…
from 0, < 7:4.3-2
HIGH8.8CVE-2021-38092Integer Overflow vulnerability in function filter_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Deni…
from 0, < 7:4.3-2
HIGH8.8CVE-2021-38091Integer Overflow vulnerability in function filter16_sobel in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Deni…
from 0, < 7:4.3-2
HIGH8.8CVE-2021-38090Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a De…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-20898Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a De…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-20896An issue was discovered in function latm_write_packet in libavformat/latmenc.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Servi…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-20892An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-20891ffmpeg - security update
from 0, < 7:4.3-2
HIGH8.8CVE-2020-20891ffmpeg - security update
from 0, < 7:4.1.9-0+deb10u1
HIGH8.8CVE-2020-20891ffmpeg - security update
from 0, < 7:3.2.18-0+deb9u1
HIGH8.8CVE-2020-21688A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code.
from 0, < 7:4.3.3-0+deb11u1
HIGH8.8CVE-2020-22036A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_intra at libavfilter/vf_bwdif.c, which might lead to memory corru…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22035A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get_block_row at libavfilter/vf_bm3d.c, which might lead to memory corru…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22034A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22032A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory co…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22027A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 in deflate16 at libavfilter/vf_neighbor.c, which might lead to memory corrup…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22025A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption an…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22023A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_bitplanenoise.c, which might lead to mem…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22022A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_frame at libavfilter/vf_fieldorder.c, which might lead to memory…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22017A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22016A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec/get_bits.h when writing .mov files, which might lead to memory corru…
from 0, < 7:4.2.2-1
HIGH8.8CVE-2020-22031A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_w3fdif.c in filter16_complex_low, which might lead to mem…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22030A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/af_afade.c in crossfade_samples_fltp, which might lead to me…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22029A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_colorconstancy.c: in slice_get_derivative, which crossfad…
from 0, < 7:4.3-2
HIGH8.8CVE-2020-22015Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remo…
from 0, < 7:4.3.2-0+deb11u2
HIGH8.8CVE-2020-24020Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to m…
from 0, < 7:4.3.1-1
HIGH8.8CVE-2020-14212FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load…
from 0, < 7:4.3.1-1
HIGH8.8CVE-2014-4610Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before…
from 0, < 7:2.4.1-1
HIGH8.8CVE-2019-11339The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 before 4.0.4 and 4.1 before 4.1.2 allows remote attackers to cause a…
from 0, < 7:4.1.3-1
HIGH8.8CVE-2019-11338libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denia…
from 0, < 7:4.1.3-1
HIGH8.8CVE-2018-1999011FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can res…
from 0, < 7:4.0.2-1
HIGH8.8CVE-2018-13302In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the…
from 0, < 7:3.4.3-1
HIGH8.8CVE-2018-9841The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-arra…
from 0, < 7:3.4.3-1
HIGH8.8CVE-2012-5360Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted QT file.
from 0, < 7:2.4.1-1
HIGH8.8CVE-2012-5359Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted ASF file.
from 0, < 7:2.4.1-1
HIGH8.8CVE-2017-15672The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified i…
from 0, < 7:3.4-1
HIGH8.8CVE-2017-14767The sdp_parse_fmtp_config_h264 function in libavformat/rtpdec_h264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, w…
from 0, < 7:3.3.4-1
HIGH8.8CVE-2017-14225The av_color_primaries_name function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a f…
from 0, < 7:3.3.4-1
HIGH8.8CVE-2017-14169In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted…
from 0, < 7:3.3.4-1
HIGH8.8CVE-2017-9992Heap-based buffer overflow in the decode_dds1 function in libavcodec/dfa.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8,…
from 0, < 7:3.2.5-1
HIGH8.8CVE-2016-5199An off by one error resulting in an allocation of zero size in FFmpeg in Google Chrome prior to 54.0.2840.98 for Mac, and 54.0.2840.99 for…
from 0, < 7:3.2-1
HIGH8.8CVE-2016-3062libav - security update
from 0, < 7:2.4.1-1
HIGH8.8CVE-2016-2330libavcodec/gif.c in FFmpeg before 2.8.6 does not properly calculate a buffer size, which allows remote attackers to cause a denial of servi…
from 0, < 2.8.6-1
HIGH8.8CVE-2016-2329libavcodec/tiff.c in FFmpeg before 2.8.6 does not properly validate RowsPerStrip values and YCbCr chrominance subsampling factors, which al…
from 0, < 2.8.6-1
HIGH8.8CVE-2016-2328libswscale/swscale_unscaled.c in FFmpeg before 2.8.6 does not validate certain height values, which allows remote attackers to cause a deni…
from 0, < 2.8.6-1
HIGH8.8CVE-2016-2327libavcodec/pngenc.c in FFmpeg before 2.8.5 uses incorrect line sizes in certain row calculations, which allows remote attackers to cause a…
from 0, < 2.8.5-1
HIGH8.8CVE-2016-2326Integer overflow in the asf_write_packet function in libavformat/asfenc.c in FFmpeg before 2.8.5 allows remote attackers to cause a denial…
from 0, < 2.8.5-1
HIGH8.3CVE-2015-8663The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows rem…
from 0, < 7:2.8.4-1
HIGH8.3CVE-2015-8661The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number…
from 0, < 7:2.8.3-1
HIGH8.1CVE-2022-48434ffmpeg - security update
from 0, < 7:4.3.7-0+deb11u1
HIGH8.1CVE-2022-48434ffmpeg - security update
from 0, < 7:4.3.7-0+deb11u1
HIGH8.1CVE-2022-3965A vulnerability classified as problematic was found in ffmpeg.
from 0, < 7:5.1.3-1
HIGH8.1CVE-2022-3964A vulnerability classified as problematic has been found in ffmpeg.
from 0, < 7:5.1.3-1
HIGH8.1CVE-2018-13300In FFmpeg 3.2 and 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function…
from 0, < 7:3.4.3-1
HIGH8.0CVE-2023-51795Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_sho…
from 0, < 7:5.1.5-0+deb12u1
HIGH8.0CVE-2023-50009FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 co…
from 0, < 7:7.0.1-3
HIGH8.0CVE-2023-49501Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output fun…
from 0, < 7:7.0.1-3
HIGH8.0CVE-2023-49528Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of…
from 0
HIGH7.8CVE-2024-32230FFmpeg 7.0 is vulnerable to Buffer Overflow.
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8CVE-2023-51794Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_ster…
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8CVE-2023-51798Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point except…
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8CVE-2023-51793Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.…
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8CVE-2023-51791Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_p…
from 0, < 7:7.0.1-3
HIGH7.8CVE-2023-50010ffmpeg - security update
from 0, < 7:5.1.5-0+deb12u1
HIGH7.8CVE-2023-50010ffmpeg - security update
from 0, < 7:4.3.7-0+deb11u1
HIGH7.8CVE-2023-50008FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:…
from 0, < 7:5.1.7-0+deb12u1
HIGH7.8CVE-2024-31582FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_c…
from 0, < 7:5.1.7-0+deb12u1
HIGH7.8CVE-2022-2566A heap out-of-bounds memory write exists in FFMPEG since version 5.1.
from 0, < 7:5.1.1-1
HIGH7.8CVE-2017-11719The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service…
from 0, < 7:3.3.3-1
HIGH7.8CVE-2017-11399ffmpeg - security update
from 0, < 7:3.3.3-1
HIGH7.8CVE-2017-11399ffmpeg - security update
from 0, < 7:3.2.7-1~deb9u1
HIGH7.8CVE-2017-9996The cdxl_decode_frame function in libavcodec/cdxl.c in FFmpeg 2.8.x before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2…
from 0, < 7:3.2.5-1
HIGH7.8CVE-2017-9994libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensu…
from 0, < 7:3.2.5-1
HIGH7.8CVE-2017-9991Heap-based buffer overflow in the xwd_decode_frame function in libavcodec/xwddec.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x befor…
from 0, < 7:3.2.5-1
HIGH7.8CVE-2012-5361Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file.
from 0, < 7:2.4.1-1
HIGH7.8CVE-2016-7502The cavs_idct8_add_c function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding wi…
from 0, < 7:3.1.4-1
HIGH7.8CVE-2016-7450The ff_log2_16bit_c function in libavutil/intmath.h in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when it decodes a…
from 0, < 7:3.1.4-1
HIGH7.8CVE-2016-6671The raw_decode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service (memory corrupti…
from 0, < 7:3.1.2-1
HIGH7.5CVE-2026-30997An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Serv…
from 0
HIGH7.5CVE-2025-63757Integer overflow vulnerability in the yuv2ya16_X_c_template function in libswscale/output.c in FFmpeg 8.0.
from 0, < 7:4.3.9-0+deb11u2
HIGH7.5CVE-2023-6603ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u2
HIGH7.5CVE-2023-6603ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u2
HIGH7.5CVE-2024-31578FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
from 0, < 7:4.3.8-0+deb11u1
HIGH7.5CVE-2024-22861Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module.
from 0, < 7:6.1-1
HIGH7.5CVE-2022-3109ffmpeg - security update
from 0, < 7:4.3.6-0+deb11u1
HIGH7.5CVE-2022-3109ffmpeg - security update
from 0, < 7:4.1.11-0+deb10u1
HIGH7.5CVE-2022-3109ffmpeg - security update
from 0, < 7:4.3.6-0+deb11u1
HIGH7.5CVE-2021-38291FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c.
from 0, < 7:4.3.3-0+deb11u1
HIGH7.5CVE-2020-20451Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c.
from 0, < 7:4.3-2
HIGH7.5CVE-2020-20450FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service.
from 0, < 7:4.3.3-0+deb11u1
HIGH7.5CVE-2020-21041ffmpeg - security update
from 0, < 7:4.3.2-0+deb11u2
HIGH7.5CVE-2020-21041ffmpeg - security update
from 0, < 7:3.2.15-0+deb9u3
HIGH7.5CVE-2020-35965decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zer…
from 0, < 7:4.3.1-6
HIGH7.5CVE-2018-15822ffmpeg - security update
from 0, < 7:3.2.14-1~deb9u1
HIGH7.5CVE-2018-15822ffmpeg - security update
from 0, < 7:4.0.3-1
HIGH7.5CVE-2017-16803libav - security update
from 0, < 7:2.2.1-1
HIGH7.5CVE-2012-2805Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service.
from 0, < 7:2.4.1-1
HIGH7.5CVE-2017-11665The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segme…
from 0, < 7:3.3.3-1
HIGH7.5CVE-2017-11684There is an illegal address access in the build_table function in libavcodec/bitstream.c of Libav 12.1 that will lead to remote denial of s…
from 0, < 7:2.3.1-1
HIGH7.5CVE-2017-9993FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2 does not properly restrict HTTP Live Streami…
from 0, < 7:3.2.6-1
HIGH7.5CVE-2016-6920Heap-based buffer overflow in the decode_block function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denia…
from 0, < 7:3.1.3-1
HIGH7.3CVE-2015-8662The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before p…
from 0, < 7:2.8.4-1
HIGH7.2CVE-2023-6605A flaw was found in FFmpeg's DASH playlist support.
from 0, < 7:4.3.9-0+deb11u1
MEDIUM6.7CVE-2023-51797Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_sho…
from 0, < 7:7.0.1-3
MEDIUM6.6CVE-2024-32228FFmpeg 7.0 is vulnerable to Buffer Overflow.
from 0, < 7:7.0.1-3
MEDIUM6.5CVE-2026-6385A flaw was found in FFmpeg.
from 0
MEDIUM6.5CVE-2025-22919A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a cr…
from 0, < 7:4.3.8-0+deb11u3
MEDIUM6.5CVE-2025-22921FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c.
from 0, < 7:4.3.8-0+deb11u3
MEDIUM6.5CVE-2024-36616An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the appl…
from 0, < 7:4.3.7-0+deb11u1
MEDIUM6.5CVE-2020-20902A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c in FFmpeg 4.2.1 during computation of t…
from 0, < 7:4.2.2-1
MEDIUM6.5CVE-2020-21697A heap-use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows to cause a denial of service (DOS…
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5CVE-2020-22056A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the config_input function in af_acrossover.c.
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22054A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c.
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22051A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the filter_frame function in vf_tile.c.
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22049A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c.
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22048A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c.
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22046A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.…
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22044A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the url_open_dyn_buf_internal function in libavformat/aviobu…
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22043A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak at the fifo_alloc_common function in libavutil/fifo.c.
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22042A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak is affected by: memory leak in the link_filter_inouts function…
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5CVE-2020-22041A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_buffersrc_add_frame_flags function in buffersrc.
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22040A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a memory leak in the v_frame_alloc function in frame.c.
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22039A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the inavi_add_ientry function.
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22038A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c.
from 0
MEDIUM6.5CVE-2020-22037A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in avcodec_alloc_context3 at options.c.
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5CVE-2020-22033A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at libavfilter/vf_vmafmotion.c in convolution_y_8bit, which could let a remote…
from 0, < 7:4.3.2-0+deb11u2
MEDIUM6.5CVE-2020-22028Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_vertically_8 at libavfilter/vf_avgblur.c, which could cause a remote Denial of…
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22026Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input function at libavfilter/af_tremolo.c, which could let a remote malic…
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22024Buffer Overflow vulnerability in FFmpeg 4.2 at the lagfun_frame16 function in libavfilter/vf_lagfun.c, which could let a remote malicious u…
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22021Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cau…
from 0, < 7:4.3.2-0+deb11u2
MEDIUM6.5CVE-2020-22020Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicio…
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-22019Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user…
from 0, < 7:4.3.2-0+deb11u2
MEDIUM6.5CVE-2020-20453FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5CVE-2020-20448FFmpeg 4.1.3 is affected by a Divide By Zero issue via libavcodec/ratecontrol.c, which allows a remote malicious user to cause a Denial of…
from 0, < 7:4.3-2
MEDIUM6.5CVE-2020-20446FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service.
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5CVE-2020-20445ffmpeg - security update
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5CVE-2020-20445ffmpeg - security update
from 0, < 7:4.1.8-0+deb10u1
MEDIUM6.5CVE-2020-20445ffmpeg - security update
from 0, < 7:3.2.16-1+deb9u1
MEDIUM6.5CVE-2020-20445ffmpeg - security update
from 0, < 7:4.3.3-0+deb11u1
MEDIUM6.5CVE-2020-35964track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing.
from 0, < 7:4.3.1-6
MEDIUM6.5CVE-2019-13390ffmpeg - security update
from 0, < 7:4.1.6-1~deb10u1
MEDIUM6.5CVE-2019-13390ffmpeg - security update
from 0, < 7:4.2.1-1
MEDIUM6.5CVE-2019-13390ffmpeg - security update
from 0, < 7:3.2.15-0+deb9u1
MEDIUM6.5CVE-2019-9721A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska form…
from 0, < 7:4.1.3-1
MEDIUM6.5CVE-2019-9718In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska for…
from 0, < 7:4.1.3-1
MEDIUM6.5CVE-2019-1000016FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in Denial o…
from 0, < 7:4.1.1-1
MEDIUM6.5CVE-2018-1999015FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can…
from 0, < 7:4.0.2-1
MEDIUM6.5CVE-2018-1999014FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can…
from 0, < 7:4.0.2-1
MEDIUM6.5CVE-2018-1999013FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can res…
from 0, < 7:4.0.2-1
MEDIUM6.5CVE-2018-1999012FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that ca…
from 0, < 7:4.0.2-1
MEDIUM6.5CVE-2018-14395ffmpeg - security update
from 0, < 7:3.2.12-1~deb9u1
MEDIUM6.5CVE-2018-14395ffmpeg - security update
from 0, < 7:4.0.2-1
MEDIUM6.5CVE-2018-14394libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero err…
from 0, < 7:4.0.2-1
MEDIUM6.5CVE-2018-13304In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec m…
from 0, < 7:4.0.2-1
MEDIUM6.5CVE-2018-13303In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser…
from 0, < 7:4.0.2-1
MEDIUM6.5CVE-2018-13301In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpe…
from 0, < 7:4.0.2-1
MEDIUM6.5CVE-2018-12459An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigge…
from 0, < 7:4.0.1-2
MEDIUM6.5CVE-2018-12458An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an asserti…
from 0, < 7:3.4.3-1
MEDIUM6.5CVE-2018-7751The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop…
from 0, < 7:3.4.3-1
MEDIUM6.5CVE-2018-10001ffmpeg - security update
from 0, < 7:3.4.3-1
MEDIUM6.5CVE-2018-10001ffmpeg - security update
from 0, < 7:3.2.11-1~deb9u1
MEDIUM6.5CVE-2018-7557The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out o…
from 0, < 7:3.4.3-1
MEDIUM6.5CVE-2018-6912The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of a…
from 0, < 7:4.0.1-2
MEDIUM6.5CVE-2018-6621The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of arr…
from 0, < 7:3.4.2-1
MEDIUM6.5CVE-2018-6392The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-o…
from 0, < 7:3.4.2-1
MEDIUM6.5CVE-2017-1000460In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ig…
from 0, < 7:3.1.1-1
MEDIUM6.5CVE-2017-9608The dnxhd decoder in FFmpeg before 3.2.6, and 3.3.x before 3.3.3 allows remote attackers to cause a denial of service (NULL pointer derefer…
from 0, < 7:3.3.3-1
MEDIUM6.5CVE-2017-17081ffmpeg - security update
from 0, < 7:3.2.10-1~deb9u1
MEDIUM6.5CVE-2017-17081ffmpeg - security update
from 0, < 7:3.4.1-1
MEDIUM6.5CVE-2017-15186ffmpeg - security update
from 0, < 7:3.4-1
MEDIUM6.5CVE-2017-15186ffmpeg - security update
from 0, < 7:3.2.9-1~deb9u1
MEDIUM6.5CVE-2017-14223In libavformat/asfdec_f.c in FFmpeg 3.3.3, a DoS in asf_build_simple_index() due to lack of an EOF (End of File) check might cause huge CPU…
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14222In libavformat/mov.c in FFmpeg 3.3.3, a DoS in read_tfra() due to lack of an EOF (End of File) check might cause huge CPU and memory consum…
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14171In libavformat/nsvdec.c in FFmpeg 2.4 and 3.3.3, a DoS in nsv_parse_NSVf_header() due to lack of an EOF (End of File) check might cause hug…
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14170In libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, a DoS in mxf_read_index_entry_array() due to lack of an EOF (End of File) check might cause…
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14059In FFmpeg 3.3.3, a DoS in cine_read_header() due to lack of an EOF check might cause huge CPU and memory consumption.
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14058In FFmpeg 2.4 and 3.3.3, the read_data function in libavformat/hls.c does not restrict reload attempts for an insufficient list, which allo…
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14057In FFmpeg 3.3.3, a DoS in asf_read_marker() due to lack of an EOF (End of File) check might cause huge CPU and memory consumption.
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14056In libavformat/rl2.c in FFmpeg 3.3.3, a DoS in rl2_read_header() due to lack of an EOF (End of File) check might cause huge CPU and memory…
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14055libav - security update
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14054ffmpeg - security update
from 0, < 7:3.3.4-1
MEDIUM6.5CVE-2017-14054ffmpeg - security update
from 0, < 7:3.2.8-1~deb9u1
MEDIUM6.5CVE-2015-1207Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service…
from 0, < 7:2.6.1-1
MEDIUM6.5CVE-2016-2213The jpeg2000_decode_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.6 allows remote attackers to cause a denial of service (…
from 0, < 7:2.8.6-1
MEDIUM6.2CVE-2024-36613FFmpeg n6.1.1 has a vulnerability in the DXA demuxer of the libavformat library allowing for an integer overflow, potentially resulting in…
from 0, < 7:4.3.7-0+deb11u1
MEDIUM6.2CVE-2024-36618ffmpeg - security update
from 0, < 7:5.1.8-0+deb12u1
MEDIUM6.2CVE-2024-36618ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u2
MEDIUM6.2CVE-2024-36617FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.
from 0, < 7:4.3.7-0+deb11u1
MEDIUM5.9CVE-2024-36615FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder.
from 0, < 7:4.3.9-0+deb11u2
MEDIUM5.5CVE-2025-12343A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file.
from 0, < 7:7.1.2-0+deb13u1
MEDIUM5.5CVE-2025-10256ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u2
MEDIUM5.5CVE-2025-10256ffmpeg - security update
from 0, < 7:7.1.2-0+deb13u1
MEDIUM5.5CVE-2024-35369In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient…
from 0
MEDIUM5.5CVE-2021-28429Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause…
from 0, < 7:4.3.3-0+deb11u1
MEDIUM5.5CVE-2022-1475ffmpeg - security update
from 0, < 7:4.3.4-0+deb11u1
MEDIUM5.5CVE-2022-1475ffmpeg - security update
from 0, < 7:4.3.4-0+deb11u1
MEDIUM5.5CVE-2020-23906FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of…
from 0, < 7:4.3.1-1
MEDIUM5.5CVE-2021-3566Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it.
from 0, < 7:4.3-2
MEDIUM5.5CVE-2021-38114libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.
from 0, < 7:4.3.3-0+deb11u1
MEDIUM5.5CVE-2020-13904FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a…
from 0, < 7:4.3.1-1
MEDIUM5.5CVE-2015-1208Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive…
from 0, < 7:2.5.3-1
MEDIUM5.5CVE-2017-5025FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote…
from 0, < 7:3.2.4-1
MEDIUM5.5CVE-2017-5024FFmpeg in Google Chrome prior to 56.0.2924.76 for Linux, Windows and Mac, failed to perform proper bounds checking, which allowed a remote…
from 0, < 7:3.2.4-1
MEDIUM5.5CVE-2016-7393Stack-based buffer overflow in the aac_sync function in aac_parser.c in Libav before 11.5 allows remote attackers to cause a denial of serv…
from 0, < 7:2.4-1
MEDIUM5.5CVE-2016-9561The che_configure function in libavcodec/aacdec_template.c in FFmpeg before 3.2.1 allows remote attackers to cause a denial of service (all…
from 0, < 7:3.2.4-1
MEDIUM5.5CVE-2016-8595The gsm_parse function in libavcodec/gsm_parser.c in FFmpeg before 3.1.5 allows remote attackers to cause a denial of service (assert fault…
from 0, < 7:3.1.5-1
MEDIUM5.5CVE-2016-7905The read_gab2_sub function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (NULL pointe…
from 0, < 7:3.1.4-1
MEDIUM5.5CVE-2016-7785The avi_read_seek function in libavformat/avidec.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (assert faul…
from 0, < 7:3.1.4-1
MEDIUM5.5CVE-2016-7562The ff_draw_pc_font function in libavcodec/cga_data.c in FFmpeg before 3.1.4 allows remote attackers to cause a denial of service (buffer o…
from 0, < 7:3.1.4-1
MEDIUM5.5CVE-2016-7555The avi_read_header function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to memory leak when decoding an AVI file that has…
from 0, < 7:3.1.4-1
MEDIUM5.5CVE-2016-7122The avi_read_nikon function in libavformat/avidec.c in FFmpeg before 3.1.4 is vulnerable to infinite loop when it decodes an AVI file that…
from 0, < 7:3.1.4-1
MEDIUM5.5CVE-2016-6881The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service…
from 0, < 7:3.1.3-1
MEDIUM5.5CVE-2016-1898FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live S…
from 0, < 7:2.8.5-1
MEDIUM5.5CVE-2016-1897libav - security update
from 0, < 7:2.8.5-1
MEDIUM5.4CVE-2025-69693Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder (libavcodec/rv60dec.c).
from 0, < 7:8.1-1
MEDIUM5.3CVE-2025-7700A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures.
from 0, < 7:4.3.9-0+deb11u2
MEDIUM5.3CVE-2024-55069ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c.
from 0, < 7:7.1.1-1
MEDIUM5.3CVE-2025-25473ffmpeg - security update
from 0, < 7:7.1.3-0+deb13u1
MEDIUM5.3CVE-2025-25473ffmpeg - security update
from 0, < 7:7.1.3-0+deb13u1
MEDIUM5.3CVE-2025-0518ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u3
MEDIUM5.3CVE-2025-0518ffmpeg - security update
from 0, < 7:4.3.8-0+deb11u3
MEDIUM5.3CVE-2023-6604A flaw was found in FFmpeg.
from 0, < 7:4.3.9-0+deb11u1
MEDIUM5.3CVE-2023-6602ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u1
MEDIUM5.3CVE-2023-6602ffmpeg - security update
from 0, < 7:4.3.9-0+deb11u1
MEDIUM5.3CVE-2024-36619FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certai…
from 0, < 7:7.1-3
MEDIUM5.3CVE-2024-31585FFmpeg version n5.1 to n6.1 was discovered to contain an Off-by-one Error vulnerability in libavfilter/avf_showspectrum.c.
from 0, < 7:5.1.5-0+deb12u1
MEDIUM5.3CVE-2022-3341A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file.
from 0, < 7:4.3.6-0+deb11u1
MEDIUM4.7CVE-2023-6601A flaw was found in FFmpeg's HLS demuxer.
from 0
MEDIUM4.0CVE-2023-50007FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in the…
from 0, < 7:5.1.7-0+deb12u1
LOW3.6CVE-2023-51796Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_rever…
from 0, < 7:7.0.1-3
—CVE-2025-59734It is possible to cause an use-after-free write in SANM decoding with a carefully crafted animation using subversion <2.
from 0
—CVE-2025-59733When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that all image channels have the same pixe…
from 0, < 7:5.1.7-0+deb12u1
—CVE-2025-59732When decoding an OpenEXR file that uses DWAA or DWAB compression, there's an implicit assumption that the height and width are divisible by…
from 0, < 7:5.1.7-0+deb12u1
—CVE-2025-59731When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when u…
from 0, < 7:5.1.7-0+deb12u1
—CVE-2025-59729When parsing the header for a DHAV file, there's an integer underflow in offset calculation that leads to reading the duration from before…
from 0
—CVE-2025-59730When decoding a frame for a SANM file (ANIM v0 variant), the decoded data can be larger than the buffer allocated for it.
from 0
—CVE-2025-9951A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denia…
from 0, < 7:4.3.9-0+deb11u2
—CVE-2025-1816A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb.
from 0, < 7:7.1.1-1
—CVE-2015-8365libav - security update
from 0, < 7:2.8.3-1
—CVE-2015-8364Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2…
from 0, < 7:2.8.3-1
—CVE-2015-8363The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 doe…
from 0, < 7:2.8.3-1
—CVE-2015-8219The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on t…
from 0, < 7:2.8.2-1
—CVE-2015-8218The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote a…
from 0, < 7:2.8.2-1
—CVE-2015-8217The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows r…
from 0, < 7:2.8.2-1
—CVE-2015-8216The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remo…
from 0, < 7:2.8.2-1
—CVE-2015-6761The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome before 46.0.2490.71 and other products…
from 0, < 7:2.8.1-1
—CVE-2015-6826The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, whi…
from 0, < 7:2.7.2-1
—CVE-2015-6825The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which…
from 0, < 7:2.7.2-1
—CVE-2015-6824The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows…
from 0, < 7:2.7.2-1
—CVE-2015-6823The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote att…
from 0, < 7:2.7.2-1
—CVE-2015-6822libav - security update
from 0, < 7:2.7.2-1
—CVE-2015-6821The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which all…
from 0, < 7:2.7.2-1
—CVE-2015-6820The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proce…
from 0, < 7:2.7.2-1
—CVE-2015-6819Multiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to…
from 0, < 7:2.7.2-1
—CVE-2015-6818The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chu…
from 0, < 7:2.7.2-1
—CVE-2015-1872libav - security update
from 0, < 7:2.5.4-1
—CVE-2015-3395libav - security update
from 0, < 7:2.6.2-1
—CVE-2015-3417Use-after-free vulnerability in the ff_h264_free_tables function in libavcodec/h264.c in FFmpeg before 2.3.6 allows remote attackers to cau…
from 0, < 7:2.6.1-1
—CVE-2014-7937Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote att…
from 0, < 7:2.4.2-1
—CVE-2014-7933libav - security update
from 0, < 7:2.5.1-1
—CVE-2014-9604libavcodec/utvideodec.c in FFmpeg before 2.5.2 does not check for a zero value of a slice height, which allows remote attackers to cause a…
from 0, < 7:2.5.1-1
—CVE-2014-9603The vmd_decode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does not validate the relationship between a certain length value a…
from 0, < 7:2.5.1-1
—CVE-2014-9602libavcodec/xface.h in FFmpeg before 2.5.2 establishes certain digits and words array dimensions that do not satisfy a required mathematical…
from 0, < 7:2.5.1-1
—CVE-2014-9319The ff_hevc_decode_nal_sps function in libavcodec/hevc_ps.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remo…
from 0, < 2.4.4-1
—CVE-2014-9318The raw_decode function in libavcodec/rawdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote attackers…
from 0, < 2.4.4-1
—CVE-2014-9317libav - security update
from 0, < 2.4.4-1
—CVE-2014-9316The mjpeg_decode_app function in libavcodec/mjpegdec.c in FFMpeg before 2.1.6, 2.2.x through 2.3.x, and 2.4.x before 2.4.4 allows remote at…
from 0, < 2.4.4-1
—CVE-2014-8549libavcodec/on2avc.c in FFmpeg before 2.4.2 does not constrain the number of channels to at most 2, which allows remote attackers to cause a…
from 0, < 7:2.4.3-1
—CVE-2014-8548Off-by-one error in libavcodec/smc.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access) or…
from 0, < 7:2.4.3-1
—CVE-2014-8547libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of serv…
from 0, < 7:2.4.3-1
—CVE-2014-8546Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service (out-of-bounds access…
from 0, < 7:2.4.3-1
—CVE-2014-8545libavcodec/pngdec.c in FFmpeg before 2.4.2 accepts the monochrome-black format without verifying that the bits-per-pixel value is 1, which…
from 0, < 7:2.4.3-1
—CVE-2014-8544libavcodec/tiff.c in FFmpeg before 2.4.2 does not properly validate bits-per-pixel fields, which allows remote attackers to cause a denial…
from 0, < 7:2.4.3-1
—CVE-2014-8543libavcodec/mmvideo.c in FFmpeg before 2.4.2 does not consider all lines of HHV Intra blocks during validation of image height, which allows…
from 0, < 7:2.4.3-1
—CVE-2014-8542libav - security update
from 0, < 7:2.4.3-1
—CVE-2014-8541libavcodec/mjpegdec.c in FFmpeg before 2.4.2 considers only dimension differences, and not bits-per-pixel differences, when determining whe…
from 0, < 7:2.4.3-1
—CVE-2014-5272libavcodec/iff.c in FFMpeg before 1.1.14, 1.2.x before 1.2.8, 2.2.x before 2.2.7, and 2.3.x before 2.3.2 allows remote attackers to have un…
from 0, < 7:2.4.1-1
—CVE-2014-2263The mpegts_write_pmt function in the MPEG2 transport stream (aka DVB) muxer (libavformat/mpegtsenc.c) in FFmpeg, possibly 2.1 and earlier,…
from 0, < 7:2.4.1-1
—CVE-2012-6618libav - security update
from 0, < 7:2.4.1-1
—CVE-2013-7020libav - security update
from 0, < 7:2.4.1-1
—CVE-2013-7015The flashsv_decode_frame function in libavcodec/flashsv.c in FFmpeg before 2.1 does not properly validate a certain height value, which all…
from 0, < 7:2.4.1-1
—CVE-2013-7011The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not prevent changes to global parameters, which allows remote at…
from 0, < 7:2.4.1-1
—CVE-2013-7010Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of…
from 0, < 7:2.4.1-1
—CVE-2013-7009The rpza_decode_stream function in libavcodec/rpza.c in FFmpeg before 2.1 does not properly maintain a pointer to pixel data, which allows…
from 0, < 7:2.4.1-1
—CVE-2011-4351ffmpeg - several
from 0, < 7:2.4.1-1
—CVE-2011-4351ffmpeg - several
from 0, < 4:0.5.6-3
—CVE-2011-3946The ff_h264_decode_sei function in libavcodec/h264_sei.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via cr…
from 0, < 7:2.4.1-1
—CVE-2011-3944libav - several
from 0, < 7:2.4.1-1
—CVE-2011-3941The decode_mb function in libavcodec/error_resilience.c in FFmpeg before 0.10 allows remote attackers to have an unspecified impact via vec…
from 0, < 7:2.4.1-1
—CVE-2011-3934libav - security update
from 0, < 7:2.4.1-1
—CVE-2013-0858The atrac3_decode_init function in libavcodec/atrac3.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via ATR…
from 0, < 7:2.4.1-1
—CVE-2013-0856The lpc_prediction function in libavcodec/alac.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted App…
from 0, < 7:2.4.1-1
—CVE-2013-0854The mjpeg_decode_scan_progressive_ac function in libavcodec/mjpegdec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified…
from 0, < 7:2.4.1-1
—CVE-2013-0850The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafte…
from 0, < 7:2.4.1-1
—CVE-2013-0849The roq_decode_init function in libavcodec/roqvideodec.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a c…
from 0, < 7:2.4.1-1
—CVE-2013-0848The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via a crafted w…
from 0, < 7:2.4.1-1
—CVE-2013-0846Array index error in the qdm2_decode_super_block function in libavcodec/qdm2.c in FFmpeg before 1.1 allows remote attackers to have an unsp…
from 0, < 7:2.4.1-1
—CVE-2013-0844libav - several
from 0, < 7:2.4.1-1
—CVE-2013-0869The field_end function in libavcodec/h264.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted H.264…
from 0, < 7:2.4.1-1
—CVE-2013-0868libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to a…
from 0, < 7:2.4.1-1
—CVE-2013-0867The decode_slice_header function in libavcodec/h264.c in FFmpeg before 1.1.2 does not properly check when the pixel format changes, which a…
from 0, < 7:2.4.1-1
—CVE-2013-0865The vqa_decode_chunk function in libavcodec/vqavideo.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.2 allows remote attackers to have an uns…
from 0, < 7:2.4.1-1
—CVE-2013-0860The ff_er_frame_end function in libavcodec/error_resilience.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 does not properly verify that a…
from 0, < 7:2.4.1-1
—CVE-2013-0873The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invali…
from 0, < 7:2.4.1-1
—CVE-2013-3672The mm_decode_inter function in mmvideo.c in libavcodec in FFmpeg before 1.2.1 does not validate the relationship between a horizontal coor…
from 0, < 7:2.4.1-1
—CVE-2013-3670The rle_unpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which a…
from 0, < 7:2.4.1-1
—CVE-2013-2496The msrle_decode_8_16_24_32 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers,…
from 0, < 7:2.4.1-1
—CVE-2013-2495The iff_read_header function in iff.c in libavformat in FFmpeg through 1.1.3 does not properly handle data sizes for Interchange File Forma…
from 0, < 7:2.4.1-1
—CVE-2013-2277The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 1.1.3 does not validate the relationship between…
from 0, < 7:2.4.1-1
—CVE-2013-0894Buffer overflow in the vorbis_parse_setup_hdr_floors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, a…
from 0, < 7:2.4.1-1
—CVE-2012-5150Use-after-free vulnerability in Google Chrome before 24.0.1312.52 allows remote attackers to cause a denial of service or possibly have uns…
from 0, < 7:2.4.1-1
—CVE-2012-2804Unspecified vulnerability in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.5 has unknown impact and attack vectors,…
from 0, < 7:2.4.1-1
—CVE-2012-2803Double free vulnerability in the mpeg_decode_frame function in libavcodec/mpeg12.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and…
from 0, < 7:2.4.1-1
—CVE-2012-2801Unspecified vulnerability in libavcodec/avs.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impac…
from 0, < 7:2.4.1-1
—CVE-2012-2797Unspecified vulnerability in the decode_frame_mp3on4 function in libavcodec/mpegaudiodec.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8…
from 0, < 7:2.4.1-1
—CVE-2012-2788Unspecified vulnerability in the avi_read_packet function in libavformat/avidec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0…
from 0, < 7:2.4.1-1
—CVE-2012-2784Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x…
from 0, < 7:2.4.1-1
—CVE-2012-2783Unspecified vulnerability in libavcodec/vp56.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, has unknown impa…
from 0, < 7:2.4.1-1
—CVE-2012-2779Unspecified vulnerability in the decode_frame function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x…
from 0, < 7:2.4.1-1
—CVE-2012-2777Unspecified vulnerability in the decode_pic function in libavcodec/cavsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x…
from 0, < 7:2.4.1-1
—CVE-2012-2776Unspecified vulnerability in the decode_cell_data function in libavcodec/indeo3.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has un…
from 0, < 7:2.4.1-1
—CVE-2012-2775Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 an…
from 0, < 7:2.4.1-1
—CVE-2012-2772Unspecified vulnerability in the ff_rv34_decode_frame function in libavcodec/rv34.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and…
from 0, < 7:2.4.1-1
—CVE-2011-4579The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before…
from 0, < 7:2.4.1-1
—CVE-2011-4364Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x befo…
from 0, < 7:2.4.1-1
—CVE-2011-4353The (1) av_image_fill_pointers, (2) vp5_parse_coeff, and (3) vp6_parse_coeff functions in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.…
from 0, < 7:2.4.1-1
—CVE-2012-0947Heap-based buffer overflow in the vqa_decode_chunk function in the VQA codec (vqavideo.c) in libavcodec in Libav 0.5.x before 0.5.9, 0.6.x…
from 0, < 7:2.4.1-1
—CVE-2012-0859The render_line function in the vorbis codec (vorbis.c) in libavcodec in FFmpeg before 0.9.1 allows remote attackers to cause a denial of s…
from 0, < 7:2.4.1-1
—CVE-2012-0858ffmpeg - several
from 0, < 4:0.5.10-1
—CVE-2012-0858ffmpeg - several
from 0, < 7:2.2.1-1
—CVE-2012-0853The decodeTonalComponents function in the Actrac3 codec (atrac3.c) in libavcodec in FFmpeg 0.7.x before 0.7.12, and 0.8.x before 0.8.11; an…
from 0, < 7:2.4.1-1
—CVE-2012-0852The adpcm_decode_frame function in adpcm.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x…
from 0, < 7:2.4.1-1
—CVE-2012-0851The ff_h264_decode_seq_parameter_set function in h264_ps.c in libavcodec in FFmpeg before 0.9.1 and in Libav 0.5.x before 0.5.9, 0.6.x befo…
from 0, < 7:2.4.1-1
—CVE-2011-3952The decode_init function in kmvc.c in libavcodec in FFmpeg before 0.10 and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x before 0.…
from 0, < 7:2.4.1-1
—CVE-2011-3951ffmpeg - several
from 0, < 7:2.4.1-1
—CVE-2011-3951ffmpeg - several
from 0, < 4:0.5.9-1
—CVE-2011-3947Buffer overflow in mjpegbdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x…
from 0, < 7:2.4.1-1
—CVE-2011-3940nsvdec.c in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11, and in Libav 0.5.x before 0.5.9, 0.6.x before 0.6.6, 0.7.x be…
from 0, < 7:2.4.1-1
—CVE-2011-3936The dv_extract_audio function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9, 0.6.x be…
from 0, < 7:2.4.1-1
—CVE-2011-3929The avpriv_dv_produce_packet function in libavcodec in FFmpeg 0.7.x before 0.7.12 and 0.8.x before 0.8.11 and in Libav 0.5.x before 0.5.9,…
from 0, < 7:2.4.1-1
—CVE-2011-3895Heap-based buffer overflow in the Vorbis decoder in Google Chrome before 15.0.874.120 allows remote attackers to cause a denial of service…
from 0, < 7:2.4.1-1
—CVE-2011-3893Google Chrome before 15.0.874.120 does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a d…
from 0, < 7:2.4.1-1
—CVE-2011-3892ffmpeg - several
from 0, < 7:2.4.1-1
—CVE-2011-3892ffmpeg - several
from 0, < 4:0.5.8-1
—CVE-2011-3974Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 all…
from 0, < 7:2.4.1-1
—CVE-2011-3973cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service (incorrect write…
from 0, < 7:2.4.1-1
—CVE-2011-3362ffmpeg - several
from 0, < 7:2.4.1-1
—CVE-2011-3362ffmpeg - several
from 0, < 4:0.5.5-1
—CVE-2011-3504The Matroska format decoder in FFmpeg before 0.8.3 does not properly allocate memory, which allows remote attackers to execute arbitrary co…
from 0, < 7:2.4.1-1
—CVE-2011-2162Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 20…
from 0, < 7:2.4.1-1
—CVE-2011-2161The ape_read_header function in ape.c in libavformat in FFmpeg before 0.5.4, as used in MPlayer, VideoLAN VLC media player, and other produ…
from 0, < 7:2.4.1-1
—CVE-2011-2160The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations,…
from 0, < 7:2.4.1-1
—CVE-2011-0723FFmpeg 0.5.x, as used in MPlayer and other products, allows remote attackers to cause a denial of service (application crash) or possibly e…
from 0, < 7:2.4.1-1
—CVE-2011-0722FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (heap memory corruption an…
from 0, < 7:2.4.1-1
—CVE-2010-3908ffmpeg - several
from 0, < 4:0.5.4-1
—CVE-2010-3908ffmpeg - several
from 0, < 7:2.4.1-1
—CVE-2010-4704libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application…
from 0, < 7:2.4.1-1
—CVE-2011-0480Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before…
from 0, < 7:2.4.1-1
—CVE-2010-3429ffmpeg-debian - buffer overflow
from 0, < 4:0.5.2-6
—CVE-2009-4640Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code vi…
from 0, < 4:0.5+svn20090706-3
—CVE-2009-4639The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) via a crafted AVI…
from 0, < 7:2.4.1-1
—CVE-2009-4638Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown…
from 0, < 4:0.5+svn20090706-3
—CVE-2009-4637FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigge…
from 0, < 4:0.5+svn20090706-3
—CVE-2009-4636FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop.
from 0, < 4:0.5+svn20090706-3
—CVE-2009-4635FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improp…
from 0, < 4:0.5+svn20090706-3
—CVE-2009-4634Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a cra…
from 0, < 4:0.5+svn20090706-3
—CVE-2009-4633vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause…
from 0, < 4:0.5+svn20090706-3
—CVE-2009-4632oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive…
from 0, < 4:0.5+svn20090706-3
—CVE-2009-4631ffmpeg-debian - several vulnerabilities
from 0, < 4:0.5+svn20090706-3
—CVE-2009-0385Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to…
from 0, < 0.svn20080206-16
—CVE-2008-4867Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknow…
from 0, < 0.svn20080206-14
—CVE-2008-4866mplayer - arbitrary code execution
from 0, < 0.svn20080206-14
—CVE-2008-4610mplayer - arbitrary code execution
from 0, < 7:2.4.1-1
—CVE-2008-3230The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file, possibly re…
from 0, < 0.svn20080206-16
—CVE-2008-3162ffmpeg ffmpeg-debian - arbitrary code execution
from 0, < 0.cvs20060823-8+etch1
—CVE-2008-3162ffmpeg ffmpeg-debian - arbitrary code execution
from 0, < 0.svn20080206-10
—CVE-2006-4800Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly ex…
from 0, < 0.cvs20060329-1
—CVE-2005-4048ffmpeg - buffer overflow
from 0, < 0.cvs20050918-5.1
—CVE-2005-4048ffmpeg - buffer overflow
from 0, < 0.cvs20050313-2sarge1