Astra Linux - уязвимость в ffmpeg

The decodeframe function in libavcodec/exr.c in FFmpeg 4.3.1 has a buffer overflow due to errors in calculating when to perform memset zero operations...

Astra Linux - уязвимость в ffmpeg5

A vulnerability was discovered in FFmpeg up to version 7.0.1. It has been classified as critical. This issue affects the pnmDecodeFrame function in the /libavcodec/pnmdec.c library. The vulnerability causes a heap-based buffer overflow. The attack can be initiated remotely. The exploit has been...

OSV-2025-900 Heap-buffer-overflow in DecodeFrame

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=460575093 Crash type: Heap-buffer-overflow READ Crash state: DecodeFrame testdecoderprocess EsOutSend...

JLSEC-2025-121 An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks chec...

An issue was discovered in the FFmpeg package, where vp3decodeframe in libavcodec/vp3.c lacks check of the return value of avmalloc and will cause a null pointer dereference, impacting availability...

JLSEC-2025-124 An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote at...

An issue was discovered in decodeframe in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service DoS...

JLSEC-2025-133 A vulnerability was found in FFmpeg up to 7.0.1

A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnmdecodeframe in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...

JLSEC-2025-111 decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in cal...

decodeframe in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations...

Linux Distros Unpatched Vulnerability : CVE-2017-17127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The vc1decodeframe function in libavcodec/vc1dec.c in Libav 12.2 allows remote attackers to cause a denial of service NULL pointer dereference and application...

Linux Distros Unpatched Vulnerability : CVE-2018-19128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Libav 12.3, there is a heap-based buffer over-read in decodeframe in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi...

Linux Distros Unpatched Vulnerability : CVE-2022-3109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the FFmpeg package, where vp3decodeframe in libavcodec/vp3.c lacks check of the return value of avmalloc and will cause a null pointe...

CVE-2020-36138

An issue was discovered in decodeframe in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service DoS...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Jan-2025 Release 1, which originates from an out-of-bounds write issue contained in the...

OESA-2024-2075 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A vulnerability was fou...

SUSE CVE-2024-7055

A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnmdecodeframe in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...

DEBIAN-CVE-2024-7055

A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnmdecodeframe in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...

UBUNTU-CVE-2024-7055

A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnmdecodeframe in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed t...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in FFmpeg version 7.0.1 and earlier versions, which originates from the pnmdecodeframe function in library/libavcodec/pnmdec.c that fails to correctly...

PT-2024-40685 · Git +1 · Openh264

Name of the Vulnerable Software and Affected Versions: Open-source software affected versions not specified Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the WelsDec::CWelsDecoder class, specifically in the ReorderPicturesInDisplay,...

SUSE CVE-2020-36138

An issue was discovered in decodeframe in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service DoS...

Design/Logic Flaw

An issue was discovered in decodeframe in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service DoS...