Ffmpeg Security Vulnerabilities (CVEs)
Track 55 security vulnerabilities affecting Ffmpeg products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A NULL pointer dereference vulnerability in FFmpeg's Firequalizer filter allows attackers to cause denial of service by crashing applications that pro...
Feb 18, 2026An integer overflow vulnerability in FFmpeg's libswscale component allows attackers to cause heap corruption when processing specially crafted YUV vid...
Dec 18, 2025This vulnerability in FFmpeg's JPEG2000 decoder allows attackers to cause a segmentation fault (crash) by processing specially crafted JPEG2000 images...
Feb 18, 2025A memory leak vulnerability exists in FFmpeg's IAMF (Immersive Audio Model and Format) component that could allow attackers to cause denial of service...
Feb 18, 2025This CVE describes an unchecked return value and out-of-bounds read vulnerability in FFmpeg's pan audio filter that could allow reading sensitive cons...
Jan 16, 2025This vulnerability in FFmpeg's HLS demuxer allows attackers to bypass file extension checks by using base64-encoded data URIs with specific extensions...
Jan 6, 2025This vulnerability in FFmpeg's DASH playlist support allows attackers to make arbitrary HTTP GET requests from the system running FFmpeg by providing ...
Jan 6, 2025CVE-2024-35365 is a double-free vulnerability in FFmpeg's audio stream initialization function that could allow attackers to execute arbitrary code or...
Jan 3, 2025FFmpeg versions containing the vulnerable DXA demuxer in libavformat have an integer overflow vulnerability that can cause denial-of-service (DoS) or ...
Jan 3, 2025This vulnerability in FFmpeg's HLS playlist parsing allows attackers to cause denial of service by triggering a null pointer dereference during initia...
Dec 31, 2024This vulnerability in FFmpeg's TTY Demuxer allows data exfiltration through improper parsing of non-TTY-compliant input files in HLS playlists. Attack...
Dec 31, 2024CVE-2024-35368 is a double-free vulnerability in FFmpeg's rkmppdec.c component that allows memory corruption when processing certain media files. Atta...
Nov 29, 2024This CVE-2024-35366 is an integer overflow vulnerability in FFmpeg's libavformat module that allows attackers to cause denial of service or potentiall...
Nov 29, 2024FFmpeg n7.0 has a race condition vulnerability in its VP9 decoder where video encoding parameters can be accessed simultaneously by decoder and output...
Nov 29, 2024CVE-2024-36617 is an integer overflow vulnerability in FFmpeg's CAF decoder that could allow attackers to cause denial of service or potentially execu...
Nov 29, 2024CVE-2024-36619 is an integer overflow vulnerability in FFmpeg's WAVARC decoder that can cause a denial-of-service condition when processing specially ...
Nov 29, 2024A critical heap-based buffer overflow vulnerability in FFmpeg's fill_audiodata function allows remote attackers to execute arbitrary code or cause den...
Aug 12, 2024A critical heap-based buffer overflow vulnerability exists in FFmpeg's PNM image decoder (pnm_decode_frame function). Attackers can exploit this remot...
Aug 6, 2024A buffer overflow vulnerability in FFmpeg's stereowiden audio filter allows local attackers to execute arbitrary code by providing specially crafted a...
Apr 26, 2024CVE-2023-50008 is a buffer overflow vulnerability in FFmpeg's colorcorrect filter that allows attackers to cause memory corruption through improper me...
Apr 19, 2024This CVE describes a buffer over-read vulnerability in FFmpeg's gradfun filter SSE2 optimization. Attackers can exploit this to read memory beyond all...
Apr 19, 2024A buffer overflow vulnerability in FFmpeg's image_copy_plane function allows local attackers to execute arbitrary code. This affects systems running v...
Apr 19, 2024This CVE describes a buffer overflow vulnerability in FFmpeg's minterpolate filter that allows a local attacker to execute arbitrary code via a floati...
Apr 19, 2024A buffer overflow vulnerability in FFmpeg's config_eq_output function allows local attackers to execute arbitrary code. This affects systems running v...
Apr 19, 2024CVE-2024-31581 is an improper array index validation vulnerability in FFmpeg's H.266 video codec parser that allows attackers to trigger undefined beh...
Apr 17, 2024A buffer overflow vulnerability in FFmpeg's de_stereo component allows local attackers to execute arbitrary code or cause denial of service. This affe...
Apr 12, 2024An integer overflow vulnerability in FFmpeg's avcodec/osq module allows attackers to cause denial of service (DoS) by triggering crashes or resource e...
Jan 27, 2024This integer overflow vulnerability in FFmpeg's JPEG XL Animation decoder allows remote attackers to execute arbitrary code by sending specially craft...
Jan 27, 2024A buffer overflow vulnerability in FFmpeg's ref_pic_list_struct function allows remote attackers to write outside array bounds, potentially executing ...
Nov 16, 2023This vulnerability in FFmpeg's TIFF decoder allows remote attackers to cause a denial of service by exploiting a NULL pointer dereference. It affects ...
Aug 11, 2023This vulnerability in FFmpeg's libavcodec allows attackers to trigger a use-after-free condition in worker threads when processing certain video files...
Mar 29, 2023This critical vulnerability in FFmpeg 2.0 allows remote attackers to execute arbitrary code or cause denial of service through memory corruption in th...
Jun 19, 2022This critical vulnerability in FFmpeg 2.0 allows remote attackers to trigger memory corruption via the decode_update_thread_context function, potentia...
Jun 19, 2022This critical vulnerability in FFmpeg 2.0 allows remote attackers to cause memory corruption through the rpza_decode_stream function, potentially lead...
Jun 18, 2022This critical vulnerability in FFmpeg 2.0 allows remote attackers to trigger memory corruption through the read_var_block_data function. Attackers can...
Jun 18, 2022This integer overflow vulnerability in FFmpeg's convolution filter allows attackers to cause denial of service or potentially execute arbitrary code b...
Sep 20, 2021This integer overflow vulnerability in FFmpeg's convolution filter allows attackers to cause denial of service or potentially execute arbitrary code b...
Sep 20, 2021This integer overflow vulnerability in FFmpeg's filter_sobel function allows attackers to cause denial of service or potentially execute arbitrary cod...
Sep 20, 2021A null pointer dereference vulnerability in FFmpeg's latm_write_packet function allows attackers to cause denial of service or potentially execute arb...
Sep 20, 2021An integer overflow vulnerability in FFmpeg's convolution filter allows attackers to cause denial of service or potentially execute arbitrary code by ...
Sep 20, 2021A division by zero vulnerability in FFmpeg's lens correction filter allows attackers to cause denial of service or potentially execute arbitrary code ...
Sep 20, 2021CVE-2020-21688 is a heap-use-after-free vulnerability in FFmpeg's memory management function that allows attackers to execute arbitrary code on affect...
Aug 10, 2021This vulnerability in FFmpeg's EXR image decoder allows out-of-bounds array access due to insufficient validation of the dc_count parameter. Attackers...
Jun 3, 2021This is a heap-based buffer overflow vulnerability in FFmpeg's filter_intra function that could allow attackers to execute arbitrary code or cause den...
Jun 1, 2021This heap-based buffer overflow vulnerability in FFmpeg's drawutils.c allows attackers to corrupt memory by sending specially crafted media files. It ...
May 27, 2021A heap-based buffer overflow vulnerability in FFmpeg's bitplanenoise filter allows attackers to cause memory corruption by processing specially crafte...
May 27, 2021A heap-based buffer overflow vulnerability in FFmpeg's neighbor filter allows attackers to execute arbitrary code or cause denial of service by proces...
May 27, 2021A heap-based buffer overflow vulnerability in FFmpeg's floodfill filter allows attackers to execute arbitrary code or cause denial of service by proce...
May 27, 2021This is a heap-based buffer overflow vulnerability in FFmpeg's colorconstancy filter that allows attackers to cause memory corruption by processing sp...
May 27, 2021A heap-based buffer overflow vulnerability in FFmpeg's w3fdif video filter allows attackers to cause memory corruption by processing specially crafted...
May 27, 2021Why Monitor Ffmpeg Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 55+ known vulnerabilities affecting Ffmpeg products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Ffmpeg packages in under 60 seconds. No agents required - completely agentless scanning that works across Ffmpeg deployments.
Free vulnerability database: Access detailed information about every Ffmpeg CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Ffmpeg CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
