7533 matches found
CVE-2026-8461 vulnerabilities
Vulnerabilities for packages: ffmpeg...
GHSA-QFF7-4Q6C-M8H6 vulnerabilities
Vulnerabilities for packages: ffmpeg...
GHSA-QFF7-4Q6C-M8H6 vulnerabilities
Vulnerabilities for packages: ffmpeg...
CVE-2026-8461 vulnerabilities
Vulnerabilities for packages: ffmpeg...
OESA-2026-2826 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A use-after-free...
openSUSE 16: ffmpeg-7 / ffmpeg-7-libavcodec-devel / ffmpeg-7-libavdevice-devel / etc (openSUSE-SU-2026:21211-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21211-1 advisory. This update for ffmpeg-7 fixes the following issues - CVE-2026-40962: inadequate CENC subsample bounds checks can lead to an integer overflow...
OPENSUSE-SU-2026:21211-1 Security update for ffmpeg-7
This update for ffmpeg-7 fixes the following issues - CVE-2026-40962: inadequate CENC subsample bounds checks can lead to an integer overflow bsc1262237. Changes for ffmpeg-7: - Update to version 7.1.4: Codec, format, filter and various other bugfixes. lavc/aarch64: Fix addp overflow in...
Linux Distros Unpatched Vulnerability : CVE-2026-13858
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory v...
CVE-2026-13858
Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...
CVE-2026-13858
Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...
CVE-2026-13858
CVE-2026-13858 involves an out-of-bounds read in FFmpeg when used by Google Chrome prior to version 150.0.7871.47. The vulnerability could allow a remote attacker to read process memory via a crafted video file, with the impact described as high confidentiality risk and no changes to integrity/av...
CVE-2026-13858
Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...
PT-2026-54135
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An out of bounds read occurs in FFmpeg, which is a multimedia framework used to handle audio, video, and other multimedia files. This issue allows a remote attacker to obtain potentiall...
CVE-2026-58049
A flaw was found in FFmpeg's RASC video decoder. A remote attacker could exploit this by providing a crafted media stream using the RASC FourCC Four Character Code, which is then decoded by libavcodec. This vulnerability triggers a bitstream-controlled out-of-bounds heap write and an adjacent...
Out-of-bounds Write
Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the decodedlta function. An attacker can cause memory corruption, potentially leading to information disclosure, data modification, or application crash by supplying a crafted media stream containing a malicious...
DEBIAN-CVE-2026-58049
FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...
CVE-2026-58049
FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...
UBUNTU-CVE-2026-58049
FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...
CVE-2026-58049
CVE-2026-58049 concerns FFmpeg’s RASC video decoder (decode_dlta in libavcodec/rasc.c). The issue arises when the code performs 32-bit reads/writes at the row cursor before the NEXT_LINE boundary check and validates the DLTA region in pixels rather than bytes. On PAL8 frames, this enables a DLTA ...
CVE-2026-58049
FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...