Search CVE reports
41 – 50 of 495 results
CVE-2024-22862
Medium priorityInteger overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2024-22860
Medium priorityInteger overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2023-47470
Medium priorityBuffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the...
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2023-46407
Medium priorityFFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Needs evaluation | Not affected | Not affected | Not affected | Not affected |
CVE-2021-28429
Medium priorityInteger overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Not affected | Not affected | Fixed | Fixed | Fixed |
CVE-2020-36138
Medium priorityAn issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS).
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | — | Not affected | Not affected | Not affected | Not affected |
CVE-2022-4907
Medium priorityUninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
2 affected packages
chromium-browser, ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| chromium-browser | Not affected | Not affected | Not affected | Ignored | Ignored |
| ffmpeg | Vulnerable | Not affected | Not affected | Not affected | Not affected |
CVE-2022-48434
Medium prioritySome fixes available 3 of 5
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in...
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Not affected | Fixed | Fixed | Fixed | Ignored |
CVE-2022-3341
Medium priorityA null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. The flaw occurs because the function lacks check of the return value of avformat_new_stream() and triggers...
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Not affected | Fixed | Fixed | Fixed | Fixed |
CVE-2022-3109
Medium priorityAn issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability.
1 affected package
ffmpeg
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ffmpeg | Not affected | Fixed | Fixed | Fixed | Fixed |