Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

FreeBSD : ffmpeg -- Out-of-bounds write (ba8d239f-709f-11f1-a30e-28d2443e6cfa)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ba8d239f-709f-11f1-a30e-28d2443e6cfa advisory. https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/23159 reports: An out-of-bounds write vulnerability in...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References4
OSV
OSV
added 2026/06/26 8:24 p.m.3 views

JLSEC-2026-653 An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV...

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6AI score0.00477EPSS
Exploits3References3
Malwarebytes
Malwarebytes
added 2026/06/24 5:23 p.m.5 views

PixelSmash flaw turns video files into attack tools

A newly discovered vulnerability in FFmpeg’s MagicYUV decoder can turn a tiny, malformed video into a foothold for attackers. Researchers have disclosed PixelSmash, a critical vulnerability tracked as CVE-2026-8461, in FFmpeg’s MagicYUV video decoder with a CVSS score of 8.8. By crafting a...

8.8CVSS6.6AI score0.00477EPSS
Exploits3
OSV
OSV
added 2026/06/24 1:10 p.m.4 views

OESA-2026-2697 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: An out-of-bounds write...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References2
OSV
OSV
added 2026/06/24 1:10 p.m.4 views

OESA-2026-2696 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A flaw was found in...

8.8CVSS6.1AI score0.00477EPSS
Exploits4References3
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.7 views

FFmpeg < 8.1.2 Out-of-Bounds Write (CVE-2026-8461)

The version of FFmpeg installed on the remote host is prior to 8.1.2. It is, therefore, affected by an out-of-bounds write vulnerability: - An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can b...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-8461

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be...

8.8CVSS6.2AI score0.00477EPSS
Exploits3References3
NVD
NVD
added 2026/06/18 2:17 p.m.65 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS0.00477EPSS
Exploits3References4
Snyk
Snyk
added 2026/06/18 1:15 p.m.4 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the MagicYUV decoder process in the libavcodec library. An attacker can cause a denial of service or potentially execute arbitrary code by submitting a specially crafted file that triggers an odd sliceheight valu...

8.8CVSS7.5AI score0.00477EPSS
Exploits3References2
Cvelist
Cvelist
added 2026/06/18 11:29 a.m.22 views

CVE-2026-8461 Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS0.00477EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2026/06/18 11:29 a.m.15 views

CVE-2026-8461 Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS5.7AI score0.00477EPSS
Exploits3References1
AlpineLinux
AlpineLinux
added 2026/06/18 11:29 a.m.6 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6.1AI score0.00477EPSS
Exploits3
CVE
CVE
added 2026/06/18 11:29 a.m.195 views

CVE-2026-8461

The CVE-2026-8461 affects FFmpeg’s libavcodec/magicyuv.c in the MagicYUV decoder. It is a heap out-of-bounds write triggered by an odd slice_height, enabling denial-of-service and, in some cases, remote code execution. Affected software: FFmpeg prior to version 8.1.2; patched in 8.1.2 and later. ...

8.8CVSS5.6AI score0.00477EPSS
Exploits3References4
FreeBSD
FreeBSD
added 2026/06/18 12:0 a.m.4 views

ffmpeg -- Out-of-bounds write

https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/23159 reports: An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.18 views

PT-2026-50667

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 8.1.2 Description A heap out-of-bounds write issue, dubbed PixelSmash, exists in the MagicYUV decoder within the libavcodec library, specifically in the file libavcodec/magicyuv.C. The flaw is caused by a rounding...

10CVSS7.9AI score0.00477EPSS
Exploits3References44
Rows per page
Query Builder