Lucene search
+L

414 matches found

Rosalinux
Rosalinux
added 2025/08/06 8:30 a.m.7 views

Advisory ROSA-SA-2025-2949

software: ffmpeg 4.4.6 OS: ROSA-CHROME unaffected versions = ffmpeg-4.4.6-1 affected versions ffmpeg-4.4.6-1 CVE-ID: CVE-2025-1594 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A buffer overflow vulnerability in FFmpeg allows a remote attacker to initiate an attack via the ffaacsearchfortns function in...

8.8CVSS6.3AI score0.00534EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 9:37 p.m.9 views

CVE-2021-25454

OOB read vulnerability in libsaacextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute remote DoS via forged aac file...

5.5CVSS7.2AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:16 p.m.6 views

CVE-2020-0103

In a2dpaacdecodercleanup of a2dpaacdecoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android...

10CVSS9.4AI score0.01608EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:59 p.m.7 views

CVE-2020-0279

In the AAC parser, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-131430997...

6.5CVSS6.5AI score0.00988EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:23 a.m.8 views

CVE-2019-9283

In AAC Codec, there is a possible resource exhaustion due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112663564...

6.5CVSS6.9AI score0.00875EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:23 a.m.6 views

CVE-2019-9247

In AAC Codec, there is a missing variable initialization. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-120426166...

6.5CVSS6.5AI score0.00732EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:47 a.m.9 views

CVE-2011-4246

The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via unspecified vectors...

10CVSS8.2AI score0.04022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:11 a.m.8 views

CVE-2019-15574

Gesior-AAC before 2019-05-01 allows serviceID SQL injection in accountmanagement.php...

9.8CVSS8AI score0.01371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 a.m.6 views

CVE-2019-15573

Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php...

9.8CVSS8AI score0.01371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:48 a.m.6 views

CVE-2019-15572

Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL injection in shop.php...

9.8CVSS8AI score0.01371EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:48 a.m.10 views

CVE-2011-4248

RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file...

9.3CVSS7.9AI score0.03646EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 11:31 p.m.9 views

CVE-2007-6718

MPlayer, possibly 1.0rc1, allows remote attackers to cause a denial of service SIGSEGV and application crash via 1 a malformed MP3 file, as demonstrated by lol-mplayer.mp3; 2 a malformed Ogg Vorbis file, as demonstrated by lol-mplayer.ogg; 3 a malformed MPEG-1 file, as demonstrated by...

7.6CVSS7AI score0.16048EPSS
Exploits3References1
SUSE Linux
SUSE Linux
added 2025/04/03 11:54 a.m.2 views

Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues: CVE-2020-22037: Fixed unchecked return value of the initvlc function bsc1186756 CVE-2024-12361: Fixed null pointer dereference bsc1237358 CVE-2024-35368: Fixed double free via the rkmppretrieveframe function within libavcodec/rkmppdec.c...

6.9CVSS7.5AI score0.01599EPSS
Exploits1References44
BDU FSTEC
BDU FSTEC
added 2025/03/03 12:0 a.m.8 views

The vulnerability of the encoding library for generating video streams with the libx264 library in the FFmpeg multimedia library lies in improper code generation control. This allows attackers to execute arbitrary code.

The vulnerability of the encoding library for generating video streams with the libx264 library in the FFmpeg multimedia library is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created AAC file...

10CVSS6AI score0.00616EPSS
Exploits0References3Affected Software2
CNVD
CNVD
added 2025/02/28 12:0 a.m.11 views

FFmpeg Buffer Overflow Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in FFmpeg version 7.1 and earlier versions, which originates from the ffaacsearchfortns function in the libavcodec/aacenctns.c file of the AAC Encoder...

8.8CVSS8.2AI score0.00534EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2025/02/25 1:59 a.m.3 views

SUSE CVE-2025-1594

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

6.3CVSS6.4AI score0.00534EPSS
Exploits1References5
NVD
NVD
added 2025/02/23 9:15 p.m.20 views

CVE-2025-1594

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

8.8CVSS0.00534EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/02/23 9:0 p.m.13 views

CVE-2025-1594 FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflow

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

7.5CVSS7.1AI score0.00534EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/02/23 9:0 p.m.46 views

CVE-2025-1594 FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflow

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

7.5CVSS0.00534EPSS
Exploits1References6
AlpineLinux
AlpineLinux
added 2025/02/23 9:0 p.m.5 views

CVE-2025-1594

A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ffaacsearchfortns of the file libavcodec/aacenctns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

8.8CVSS7.4AI score0.00534EPSS
Exploits1
Rows per page
Query Builder