Lucene search
K

7533 matches found

Chainguard
Chainguard
added 4 days ago9 views

CVE-2026-8461 vulnerabilities

Vulnerabilities for packages: ffmpeg...

8.8CVSS7AI score0.00477EPSS
Exploits3
Chainguard
Chainguard
added 4 days ago7 views

GHSA-QFF7-4Q6C-M8H6 vulnerabilities

Vulnerabilities for packages: ffmpeg...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago10 views

GHSA-QFF7-4Q6C-M8H6 vulnerabilities

Vulnerabilities for packages: ffmpeg...

6.1AI score
Exploits0
Wolfi
Wolfi
added 4 days ago11 views

CVE-2026-8461 vulnerabilities

Vulnerabilities for packages: ffmpeg...

8.8CVSS6.1AI score0.00477EPSS
Exploits3
OSV
OSV
added 2026/07/06 6:26 a.m.5 views

OESA-2026-2826 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A use-after-free...

8.8CVSS6.3AI score0.00477EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.9 views

openSUSE 16: ffmpeg-7 / ffmpeg-7-libavcodec-devel / ffmpeg-7-libavdevice-devel / etc (openSUSE-SU-2026:21211-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:21211-1 advisory. This update for ffmpeg-7 fixes the following issues - CVE-2026-40962: inadequate CENC subsample bounds checks can lead to an integer overflow...

9.8CVSS6.7AI score0.00621EPSS
Exploits2References20
OSV
OSV
added 2026/07/02 10:9 a.m.2 views

OPENSUSE-SU-2026:21211-1 Security update for ffmpeg-7

This update for ffmpeg-7 fixes the following issues - CVE-2026-40962: inadequate CENC subsample bounds checks can lead to an integer overflow bsc1262237. Changes for ffmpeg-7: - Update to version 7.1.4: Codec, format, filter and various other bugfixes. lavc/aarch64: Fix addp overflow in...

9.8CVSS6.6AI score0.00621EPSS
Exploits2References13
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-13858

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory v...

6.5CVSS6.2AI score0.00276EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

6.5CVSS0.00276EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00276EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:37 p.m.17 views

CVE-2026-13858

CVE-2026-13858 involves an out-of-bounds read in FFmpeg when used by Google Chrome prior to version 150.0.7871.47. The vulnerability could allow a remote attacker to read process memory via a crafted video file, with the impact described as high confidentiality risk and no changes to integrity/av...

6.5CVSS5.8AI score0.00276EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.25 views

CVE-2026-13858

Out of bounds read in FFmpeg in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file. Chromium security severity: Medium...

0.00276EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54135

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An out of bounds read occurs in FFmpeg, which is a multimedia framework used to handle audio, video, and other multimedia files. This issue allows a remote attacker to obtain potentiall...

9.8CVSS6AI score0.00413EPSS
Exploits0References451
RedhatCVE
RedhatCVE
added 2026/06/29 5:51 p.m.7 views

CVE-2026-58049

A flaw was found in FFmpeg's RASC video decoder. A remote attacker could exploit this by providing a crafted media stream using the RASC FourCC Four Character Code, which is then decoded by libavcodec. This vulnerability triggers a bitstream-controlled out-of-bounds heap write and an adjacent...

8.8CVSS6AI score0.00217EPSS
Exploits0References6
Snyk
Snyk
added 2026/06/28 7:36 p.m.8 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the decodedlta function. An attacker can cause memory corruption, potentially leading to information disclosure, data modification, or application crash by supplying a crafted media stream containing a malicious...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References2
OSV
OSV
added 2026/06/28 2:16 a.m.3 views

DEBIAN-CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References1
NVD
NVD
added 2026/06/28 2:16 a.m.30 views

CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS0.00217EPSS
Exploits0References6
OSV
OSV
added 2026/06/28 2:16 a.m.4 views

UBUNTU-CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References5
CVE
CVE
added 2026/06/28 1:32 a.m.53 views

CVE-2026-58049

CVE-2026-58049 concerns FFmpeg’s RASC video decoder (decode_dlta in libavcodec/rasc.c). The issue arises when the code performs 32-bit reads/writes at the row cursor before the NEXT_LINE boundary check and validates the DLTA region in pixels rather than bytes. On PAL8 frames, this enables a DLTA ...

8.8CVSS5.8AI score0.00217EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/28 1:32 a.m.6 views

CVE-2026-58049

FFmpeg's RASC video decoder decodedlta in libavcodec/rasc.c performs 32-bit reads and writes at the row cursor before the NEXTLINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame can access several bytes past the row allocation. A...

8.8CVSS5.8AI score0.00217EPSS
Exploits0
Rows per page
Query Builder