Lucene search
K

7531 matches found

Debian CVE
Debian CVE
added 2026/06/19 10:55 a.m.6 views

CVE-2026-12706

A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker could exploit this by...

6.5CVSS6AI score0.00245EPSS
Exploits0
NVD
NVD
added 2026/06/18 2:17 p.m.75 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS0.00477EPSS
Exploits3References4
OSV
OSV
added 2026/06/18 2:17 p.m.19 views

UBUNTU-CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6.2AI score0.00477EPSS
Exploits3References3
Snyk
Snyk
added 2026/06/18 1:15 p.m.4 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the MagicYUV decoder process in the libavcodec library. An attacker can cause a denial of service or potentially execute arbitrary code by submitting a specially crafted file that triggers an odd sliceheight valu...

8.8CVSS7.5AI score0.00477EPSS
Exploits3References2
AlpineLinux
AlpineLinux
added 2026/06/18 11:29 a.m.8 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6.1AI score0.00477EPSS
Exploits3
ATTACKERKB
ATTACKERKB
added 2026/06/18 11:29 a.m.5 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS5.6AI score0.00477EPSS
Exploits3References2
Vulnrichment
Vulnrichment
added 2026/06/18 11:29 a.m.15 views

CVE-2026-8461 Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS5.7AI score0.00477EPSS
Exploits3References1
CVE
CVE
added 2026/06/18 11:29 a.m.234 views

CVE-2026-8461

The CVE-2026-8461 affects FFmpeg’s libavcodec/magicyuv.c in the MagicYUV decoder. It is a heap out-of-bounds write triggered by an odd slice_height, enabling denial-of-service and, in some cases, remote code execution. Affected software: FFmpeg prior to version 8.1.2; patched in 8.1.2 and later. ...

8.8CVSS5.6AI score0.00477EPSS
Exploits3References4
Cvelist
Cvelist
added 2026/06/18 11:29 a.m.26 views

CVE-2026-8461 Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS0.00477EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2026/06/18 11:29 a.m.9 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS5.8AI score0.00477EPSS
Exploits3
OSV
OSV
added 2026/06/18 8:52 a.m.3 views

SUSE-SU-2026:2445-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. - CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When...

9.8CVSS7AI score0.00715EPSS
Exploits3References20
OSV
OSV
added 2026/06/18 8:51 a.m.3 views

SUSE-SU-2026:2444-1 Security update for ffmpeg-4

This update for ffmpeg-4 fixes the following issues Update to version 4.4.7: - CVE-2023-6601: HLS Unsafe File Extension Bypass bsc1220545. - CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parseoptions function of sbgdec.c within the libavformat module. When...

9.8CVSS6.3AI score0.00715EPSS
Exploits3References20
FreeBSD
FreeBSD
added 2026/06/18 12:0 a.m.5 views

ffmpeg -- Out-of-bounds write

https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/23159 reports: An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References2
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/13 12:0 a.m.7 views

ffmpeg-7-7.1.4-3.1 on GA media (moderate)

ffmpeg-7-7.1.4-3.1 on GA media Announcement ID: openSUSE-SU-2026:11009-1 Rating: moderate Cross-References: CVE-2026-30997 CVSS scores: CVE-2026-30997 SUSE : 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H CVE-2026-30997 SUSE : 7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N...

7.1CVSS5.4AI score0.00337EPSS
Exploits1
OSV
OSV
added 2026/06/12 12:26 p.m.10 views

OESA-2026-2664 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg 4.2 is affected ...

8.8CVSS7.2AI score0.02468EPSS
Exploits7References10
OSV
OSV
added 2026/06/12 12:26 p.m.10 views

OESA-2026-2663 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: FFmpeg 4.2 is affected ...

8.8CVSS7.2AI score0.02468EPSS
Exploits6References8
OSV
OSV
added 2026/06/12 12:0 a.m.5 views

OPENSUSE-SU-2026:11009-1 ffmpeg-7-7.1.4-3.1 on GA media

These are all security issues fixed in the ffmpeg-7-7.1.4-3.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS6.4AI score0.00337EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.5 views

openSUSE 16 Security Update : ffmpeg-4 (openSUSE-SU-2026:20914-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20914-1 advisory. Changes in ffmpeg-4: - CVE-2026-30997: avcodec/av1dec: check that primaryrefframe is within range bsc1262047 Tenable has extracted the preceding...

7.5CVSS5.6AI score0.00337EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-48238

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

6.1AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-48240

21 zero-day vulnerabilities in FFmpeg, the world’s most widely deployed media processing library, including a critical RCE-capable heap buffer overflow reachable with a single 183-byte network packet. The autonomous agent discovered vulnerabilities spanning the TS demuxer, VP9 decoder, RTP...

6.1AI score
Exploits0References1
Rows per page
Query Builder