📦 Ffmpeg
by Ffmpeg
🔍 What is Ffmpeg?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2024-35368 is a double-free vulnerability in FFmpeg's rkmppdec.c component that allows memory corruption when processing certain media files. Attackers can exploit this to potentially execute arbi...
This CVE-2024-35366 is an integer overflow vulnerability in FFmpeg's libavformat module that allows attackers to cause denial of service or potentially execute arbitrary code by providing malicious in...
CVE-2024-31581 is an improper array index validation vulnerability in FFmpeg's H.266 video codec parser that allows attackers to trigger undefined behavior, potentially leading to crashes or arbitrary...
This integer overflow vulnerability in FFmpeg's JPEG XL Animation decoder allows remote attackers to execute arbitrary code by sending specially crafted files. It affects all systems running FFmpeg ve...
An integer overflow vulnerability in FFmpeg's libswscale component allows attackers to cause heap corruption when processing specially crafted YUV video files. This affects any application using FFmpe...
This vulnerability in FFmpeg's DASH playlist support allows attackers to make arbitrary HTTP GET requests from the system running FFmpeg by providing a maliciously crafted DASH playlist. This affects ...
CVE-2024-35365 is a double-free vulnerability in FFmpeg's audio stream initialization function that could allow attackers to execute arbitrary code or cause denial of service. This affects systems usi...
This vulnerability in FFmpeg's HLS playlist parsing allows attackers to cause denial of service by triggering a null pointer dereference during initialization with a maliciously crafted HLS playlist. ...
A buffer overflow vulnerability in FFmpeg's stereowiden audio filter allows local attackers to execute arbitrary code by providing specially crafted audio input. This affects systems running vulnerabl...
CVE-2023-50008 is a buffer overflow vulnerability in FFmpeg's colorcorrect filter that allows attackers to cause memory corruption through improper memory allocation. This affects systems using FFmpeg...
This CVE describes a buffer over-read vulnerability in FFmpeg's gradfun filter SSE2 optimization. Attackers can exploit this to read memory beyond allocated buffers, potentially leaking sensitive info...
A buffer overflow vulnerability in FFmpeg's image_copy_plane function allows local attackers to execute arbitrary code. This affects systems running vulnerable FFmpeg versions where an attacker has lo...
This CVE describes a buffer overflow vulnerability in FFmpeg's minterpolate filter that allows a local attacker to execute arbitrary code via a floating point exception. The vulnerability affects FFmp...
A buffer overflow vulnerability in FFmpeg's config_eq_output function allows local attackers to execute arbitrary code. This affects systems running vulnerable FFmpeg versions where local users can tr...
A buffer overflow vulnerability in FFmpeg's de_stereo component allows local attackers to execute arbitrary code or cause denial of service. This affects FFmpeg version n6.1-3-g466799d4f5 and potentia...
An integer overflow vulnerability in FFmpeg's avcodec/osq module allows attackers to cause denial of service (DoS) by triggering crashes or resource exhaustion. This affects systems running FFmpeg ver...
A buffer overflow vulnerability in FFmpeg's ref_pic_list_struct function allows remote attackers to write outside array bounds, potentially executing arbitrary code or causing denial of service. This ...
This vulnerability in FFmpeg's TIFF decoder allows remote attackers to cause a denial of service by exploiting a NULL pointer dereference. It affects systems using FFmpeg to process TIFF images, poten...
This vulnerability in FFmpeg's libavcodec allows attackers to trigger a use-after-free condition in worker threads when processing certain video files, potentially leading to arbitrary code execution....
This critical vulnerability in FFmpeg 2.0 allows remote attackers to execute arbitrary code or cause denial of service through memory corruption in the lag_decode_frame function. It affects any system...
This critical vulnerability in FFmpeg 2.0 allows remote attackers to trigger memory corruption via the decode_update_thread_context function, potentially leading to arbitrary code execution. It affect...
This critical vulnerability in FFmpeg 2.0 allows remote attackers to cause memory corruption through the rpza_decode_stream function, potentially leading to arbitrary code execution. It affects any sy...
This critical vulnerability in FFmpeg 2.0 allows remote attackers to trigger memory corruption through the read_var_block_data function. Attackers can exploit this to potentially execute arbitrary cod...
This integer overflow vulnerability in FFmpeg's convolution filter allows attackers to cause denial of service or potentially execute arbitrary code by processing specially crafted video files. It aff...
This integer overflow vulnerability in FFmpeg's convolution filter allows attackers to cause denial of service or potentially execute arbitrary code by processing specially crafted video files. It aff...
This integer overflow vulnerability in FFmpeg's filter_sobel function allows attackers to cause denial of service or potentially execute arbitrary code by processing specially crafted video files. It ...
A null pointer dereference vulnerability in FFmpeg's latm_write_packet function allows attackers to cause denial of service or potentially execute arbitrary code by processing malicious media files. T...
An integer overflow vulnerability in FFmpeg's convolution filter allows attackers to cause denial of service or potentially execute arbitrary code by processing specially crafted video files. This aff...
A division by zero vulnerability in FFmpeg's lens correction filter allows attackers to cause denial of service or potentially execute arbitrary code by processing specially crafted video files. This ...
CVE-2020-21688 is a heap-use-after-free vulnerability in FFmpeg's memory management function that allows attackers to execute arbitrary code on affected systems. This affects any application or servic...
This vulnerability in FFmpeg's EXR image decoder allows out-of-bounds array access due to insufficient validation of the dc_count parameter. Attackers can exploit this to potentially execute arbitrary...
This is a heap-based buffer overflow vulnerability in FFmpeg's filter_intra function that could allow attackers to execute arbitrary code or cause denial of service. It affects FFmpeg 4.2 installation...
This heap-based buffer overflow vulnerability in FFmpeg's drawutils.c allows attackers to corrupt memory by sending specially crafted media files. It affects systems using FFmpeg 4.2 for media process...
A heap-based buffer overflow vulnerability in FFmpeg's bitplanenoise filter allows attackers to cause memory corruption by processing specially crafted video files. This affects systems using FFmpeg 4...
A heap-based buffer overflow vulnerability in FFmpeg's neighbor filter allows attackers to execute arbitrary code or cause denial of service by processing specially crafted video files. This affects s...
A heap-based buffer overflow vulnerability in FFmpeg's floodfill filter allows attackers to execute arbitrary code or cause denial of service by processing specially crafted video files. This affects ...
This is a heap-based buffer overflow vulnerability in FFmpeg's colorconstancy filter that allows attackers to cause memory corruption by processing specially crafted video files. It affects FFmpeg 4.2...
A heap-based buffer overflow vulnerability in FFmpeg's w3fdif video filter allows attackers to cause memory corruption by processing specially crafted video files. This affects systems using FFmpeg 4....
This buffer overflow vulnerability in FFmpeg's MOV file handling allows attackers to execute arbitrary code, cause denial of service, or leak sensitive information by crafting malicious video files. I...
This CVE describes a buffer overflow vulnerability in FFmpeg's DNN module that allows remote attackers to execute arbitrary code by exploiting improper memory bounds checking in the pad layer function...
CVE-2020-20450 is a null pointer dereference vulnerability in FFmpeg 4.2's libavformat/aviobuf.c component that can cause a denial of service. Attackers can crash FFmpeg processes by providing special...
CVE-2021-30123 is a buffer overflow vulnerability in FFmpeg's libavcodec library that allows remote attackers to execute arbitrary code by providing a specially crafted media file. This affects all sy...
This CVE describes a buffer overflow vulnerability in the sniff_channel_order function within ffmpeg's AAC decoder. Attackers can exploit this to execute arbitrary code locally on affected systems. Us...
A NULL pointer dereference vulnerability in FFmpeg's Firequalizer filter allows attackers to cause denial of service by crashing applications that process malicious media files. This affects any softw...
This vulnerability in FFmpeg's JPEG2000 decoder allows attackers to cause a segmentation fault (crash) by processing specially crafted JPEG2000 images. It affects systems using vulnerable FFmpeg versi...
A memory leak vulnerability exists in FFmpeg's IAMF (Immersive Audio Model and Format) component that could allow attackers to cause denial of service through resource exhaustion. This affects systems...
This CVE describes an unchecked return value and out-of-bounds read vulnerability in FFmpeg's pan audio filter that could allow reading sensitive constants from executable memory. The vulnerability af...
This vulnerability in FFmpeg's HLS demuxer allows attackers to bypass file extension checks by using base64-encoded data URIs with specific extensions, potentially triggering arbitrary demuxers. It af...
FFmpeg versions containing the vulnerable DXA demuxer in libavformat have an integer overflow vulnerability that can cause denial-of-service (DoS) or undefined behavior when processing malicious DXA v...
This vulnerability in FFmpeg's TTY Demuxer allows data exfiltration through improper parsing of non-TTY-compliant input files in HLS playlists. Attackers can craft malicious HLS playlists to potential...
FFmpeg n7.0 has a race condition vulnerability in its VP9 decoder where video encoding parameters can be accessed simultaneously by decoder and output threads, causing a data race. This affects any ap...
CVE-2024-36617 is an integer overflow vulnerability in FFmpeg's CAF decoder that could allow attackers to cause denial of service or potentially execute arbitrary code by processing specially crafted ...
CVE-2024-36619 is an integer overflow vulnerability in FFmpeg's WAVARC decoder that can cause a denial-of-service condition when processing specially crafted WAVARC audio files. This affects any syste...
A critical heap-based buffer overflow vulnerability in FFmpeg's fill_audiodata function allows remote attackers to execute arbitrary code or cause denial of service. This affects FFmpeg versions up to...
A critical heap-based buffer overflow vulnerability exists in FFmpeg's PNM image decoder (pnm_decode_frame function). Attackers can exploit this remotely by sending specially crafted PNM files, potent...