ffmpeg-7-7.1.3-3.1 on GA media (moderate)

ffmpeg-7-7.1.3-3.1 on GA media Announcement ID: openSUSE-SU-2026:10768-1 Rating: moderate Cross-References: CVE-2026-40962 CVSS scores: CVE-2026-40962 SUSE : 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L CVE-2026-40962 SUSE : 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N...

CLSA-2026-1777973407 libvpx: Fix of CVE-2024-5197

CVE-2024-5197: fix integer overflows in image allocation and wrapping logic...

Important: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

编号撤回

pgproto3 is a PostgreSQL protocol encoding library developed by Jack Christensen. This CVE number has been withdrawn...

USN-8053-1: libvpx vulnerability

It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...

Moderate: Red Hat Security Advisory: libvpx security update

An update for libvpx is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Linux Distros Unpatched Vulnerability : CVE-2022-3109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the FFmpeg package, where vp3decodeframe in libavcodec/vp3.c lacks check of the return value of avmalloc and will cause a null pointe...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

libvpx: Double-free in libvpx encoder

A flaw was found in libvpx. A double-free issue can occur in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This can cause memory corruption and an exploitable crash...

The vulnerability of the encoding library for generating video streams with the libx264 library in the FFmpeg multimedia library lies in improper code generation control. This allows attackers to execute arbitrary code.

The vulnerability of the encoding library for generating video streams with the libx264 library in the FFmpeg multimedia library is related to improper handling of code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created AAC file...

ROS-20250226-08

A vulnerability in the OpenJPEG image encoding and decoding library is related to memory boundary errors. memory boundary errors. Exploitation of the vulnerability could allow an attacker to execute arbitrary code A vulnerability in the OpenJPEG image encoding and decoding library is related to a...

SUSE CVE-2024-5197

There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be invalid. Calling...

DEBIAN-CVE-2023-6349

A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above...

CVE-2023-47470

Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service DoS via the refpicliststruct function in libavcodec/evcps.c...

The vulnerability of the Emscripten compiler in the encoding and decoding library for HEIF and AVIF files, which allows a hacker to trigger a service failure.

The vulnerability of the Emscripten compiler in the library for encoding and decoding HEIF and AVIF files is related to the copying of buffers without checking the size of the input data during image processing using the strided function. Exploiting this vulnerability can allow an attacker to cau...

UBUNTU-CVE-2019-13312

blockcmp in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read...

Pornhub: SSRF and local file disclosure by video upload on https://www.tube8.com/

The researcher was successful in exploiting a vulnerability in 3rd party encoding library resulting in the execution of SSRF attacks and Local File Disclosure...

Google Chrome FFmpeg Competitive Conditions Vulnerability

Google Chrome is an open source WEB browser. The 'updatedimensions' function in the libavcodec/vp8.c file of FFmpeg used by Google to perform multi-threaded operations relies on coefficient-partition counting, allowing remote attackers to build special WebM files for denial-of-service attacks...