ffmpeg

489 tracked vulnerabilities.

CVE-2024-35368 CRITICAL
FFmpeg n7.0 - Double Free in rkmpp_retrieve_frame
Nov 29, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-35367 CRITICAL
FFmpeg n6.1.1 - Out-of-bounds Read in VP8 DSP AltiVec Filter
Nov 29, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-35366 CRITICAL
FFmpeg n6.1.1 - Integer Overflow in libavformat parse_options
Nov 29, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-36616 MEDIUM
FFmpeg n6.1.1 - Denial of Service via Crafted VQA File Integer Overflow
Nov 29, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-36615 MEDIUM
FFmpeg n7.0 - Race Condition in VP9 Decoder
Nov 29, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-36618 MEDIUM
FFmpeg n6.1.1 - Denial of Service via Integer Overflow in AVI Demuxer
Nov 29, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-36617 MEDIUM
FFmpeg < 3.4.14 - Integer Overflow in CAF Decoder
Nov 29, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-36619 MEDIUM
FFmpeg n6.1.1 - Denial of Service via WAVARC Decoder Integer Overflow
Nov 29, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-35369 MEDIUM
FFmpeg n6.1.1 - Integer Overflow in Speex Extradata Parsing
Nov 29, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-7272 MEDIUM
FFmpeg < 5.1.6 - Heap-based Buffer Overflow in fill_audiodata
Aug 12, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-7055 MEDIUM
FFmpeg < 4.3.8 - Heap-based Buffer Overflow in pnm_decode_frame
Aug 06, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-32230 HIGH
FFmpeg 7.0 - Buffer Overflow in load_input_picture
Jul 01, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-32229 HIGH
FFmpeg 7.0 - Heap-based Buffer Overflow in copy_column
Jul 01, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-32228 MEDIUM
FFmpeg 7.0 - Stack-based Buffer Overflow in hevc_frame_end
Jul 01, 2024
CVSS 6.6
EPSS 0.00
CVE-2024-31585 MEDIUM
FFmpeg 5.1-6.1 - Denial of Service via Off-by-one Error in libavfilter/avf_showspectrum.c
Apr 17, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-31582 HIGH
FFmpeg 6.1 - Heap-based Buffer Overflow in draw_block_rectangle
Apr 17, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-31581 CRITICAL
FFmpeg n6.1 - Improper Validation of Array Index in libavcodec/cbs_h266_syntax_template.c
Apr 17, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-31578 HIGH
FFmpeg < 7.0 - Use-After-Free via av_hwframe_ctx_init
Apr 17, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-22861 HIGH
FFmpeg < 6.1 - Denial of Service via avcodec/osq Module Integer Overflow
Jan 27, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-22862 CRITICAL
FFmpeg < 6.1 - Remote Code Execution via JJPEG XL Parser Integer Overflow
Jan 27, 2024
CVSS 9.8
EPSS 0.02
CVE-2024-22860 CRITICAL
FFmpeg < 6.1 - Remote Code Execution via JPEG XL Animation Decoder Integer Overflow
Jan 27, 2024
CVSS 9.8
EPSS 0.03
CVE-2023-6605 HIGH
FFmpeg DASH Playlist - Arbitrary HTTP GET Request
Jan 06, 2025
CVSS 7.2
EPSS 0.00
CVE-2023-6604 MEDIUM
FFmpeg 2.0-6.0 - Denial of Service via XBIN Demuxer
Jan 06, 2025
CVSS 5.3
EPSS 0.00
CVE-2023-6601 MEDIUM
FFmpeg HLS Demuxer - Unsafe Extension Check Bypass
Jan 06, 2025
CVSS 4.7
EPSS 0.00
CVE-2023-6603 HIGH
FFmpeg 2.0-6.0 - Denial of Service via HLS Playlist Parsing
Dec 31, 2024
CVSS 7.5
EPSS 0.00
Products
ffmpeg 480 FFmpeg 8 MPEG-DASH 1 lavf_demuxer 1 libavcodec 1 libswresample 1
Quick Filters
Critical CVEs With Exploits In CISA KEV