414 matches found
Advisory ROSA-SA-2025-2949
software: ffmpeg 4.4.6 OS: ROSA-CHROME unaffected versions = ffmpeg-4.4.6-1 affected versions ffmpeg-4.4.6-1 CVE-ID: CVE-2025-1594 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A buffer overflow vulnerability in FFmpeg allows a remote attacker to initiate an attack via the ffaacsearchfortns function in...
CVE-2021-25454
OOB read vulnerability in libsaacextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute remote DoS via forged aac file...
CVE-2020-0103
In a2dpaacdecodercleanup of a2dpaacdecoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android...
CVE-2020-0279
In the AAC parser, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-131430997...
CVE-2019-9283
In AAC Codec, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663564...
CVE-2019-9247
In AAC Codec, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120426166...
CVE-2011-4246
The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors...
CVE-2019-15574
Gesior-AAC before 2019-05-01 allows serviceID SQL injection in accountmanagement.php...
CVE-2019-15573
Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php...
CVE-2019-15572
Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL injection in shop.php...
CVE-2011-4248
RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file...
CVE-2007-6718
MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service SIGSEGV and application crash via 1 a malformed MP3 file, as demonstrated by lol-mplayer.mp3; 2 a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; 3 a malformed MPEG-1 file, as demonstrated by...
Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: CVE-2020-22037: Fixed unchecked return value of the initvlc function bsc1186756 CVE-2024-12361: Fixed null pointer dereference bsc1237358 CVE-2024-35368: Fixed double free via the rkmppretrieveframe function within libavcodec/rkmppdec.c...
The vulnerability of the encoding library for generating video streams with the libx264 library in the FFmpeg multimedia library lies in improper code generation control. This allows attackers to execute arbitrary code.
The vulnerability of the encoding library for generating video streams with the libx264 library in the FFmpeg multimedia library is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created AAC file...
FFmpeg Buffer Overflow Vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in FFmpeg version 7.1 and earlier versions, which originates from the ffaacsearchfortns function in the libavcodec/aacenctns.c file of the AAC Encoder...
SUSE CVE-2025-1594
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-1594
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-1594 FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflow
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-1594 FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflow
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2025-1594
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...