CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•10 views

Astra Linux - уязвимость в ffmpeg

In FFmpeg versions prior to 5.1.2, the libavcodec/pthreadframe.c file, used in VLC and other products, leaves stale hwaccel state in worker threads. This allows attackers to trigger a use-after-free and execute arbitrary code under certain circumstances e.g., during hardware reinitialization upon...

8.1CVSS7.1AI score0.0032EPSS

Exploits1References2

Microsoft CVE•added 2025/09/04 12:15 a.m.•4 views

libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).

...

8.1CVSS7AI score0.0032EPSS

Exploits1

OSV•added 2024/07/19 11:8 a.m.•2 views

OESA-2024-1875 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: An integer overflow...

8.1CVSS8AI score0.0032EPSS

Exploits3References4

SUSE CVE•added 2023/03/31 1:57 a.m.•3 views

SUSE CVE-2022-48434

libavcodec/pthreadframe.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances e.g., hardware re-initialization upon a mid-video SPS change when...

7.8CVSS7AI score0.0032EPSS

Exploits1References8

OSV•added 2023/03/29 5:15 p.m.•2 views

DEBIAN-CVE-2022-48434

8.1CVSS7.4AI score0.0032EPSS

Exploits1References1

ATTACKERKB•added 2023/03/29 5:15 p.m.•1 views

CVE-2022-48434

8.1CVSS7AI score0.0032EPSS

Exploits1References9

SUSE CVE•added 2023/02/15 5:20 a.m.•2 views

SUSE CVE-2015-2737

The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...

10CVSS9.1AI score0.01252EPSS

Exploits0References10

SUSE CVE•added 2023/02/15 5:14 a.m.•2 views

SUSE CVE-2015-7180

The ReadbackResultWriterD3D11::Run function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 misinterprets the return value of a function call, which might allow remote attackers to cause a denial of service memory corruption and application crash or possibly have unspecified other...

7.5CVSS7.5AI score0.03205EPSS

Exploits0References10

OSV•added 2015/10/15 10:59 a.m.•0 views

UBUNTU-CVE-2015-6760

The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome before 46.0.2490.71, mishandles mapping failures after device-lost events, which allows remote attackers to cause a denial of service invalid read or write or possibly have unspecified other impact v...

7.5CVSS7.4AI score0.0103EPSS

Exploits0References5