84 matches found
[SECURITY] [DSA 5712-1] ffmpeg security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5712-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 15, 2024 https://www.debian.org/security/faq -...
SUSE-SU-2024:1909-1 Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: - CVE-2020-22021: Fixed buffer overflow vulnerability in filteredges function in libavfilter/vfyadif.c bsc1186586. - CVE-2023-51794: Fixed a heap buffer overflow in libavfilter. bsc1223437...
USN-6449-1 ffmpeg vulnerabilities
It was discovered that FFmpeg incorrectly managed memory resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-22038 It was discovered that FFmpeg incorrect...
Exploit for SQL Injection in Zabbix
This repository is an open-source collection of vulnerable web applications and tools for security research and education, maintained by phith0n. It is an offensive tool for web application security research. The repository contains various vulnerable web applications, including CouchDB, FFmpeg,...
MGASA-2021-0495 Updated ffmpeg packages fix security vulnerability
FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service. CVE-2020-20446 FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service...
SUSE-SU-2021:2929-1 Security update for ffmpeg
This update for ffmpeg fixes the following issues: - CVE-2019-9721: Fixed a denial of service in the subtitle decoder in handleopenbrace from libavcodec/htmlsubtitles.c bsc1129714. - CVE-2020-22046: Fixed a denial of service vulnerability due to a memory leak in the avprivfloatdspallocl function ...
openSUSE 15 Security Update : ffmpeg (openSUSE-SU-2021:2322-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2322-1 advisory. - In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when the...
SUSE-SU-2021:2322-1 Security update for ffmpeg
This update for ffmpeg fixes the following issues: - CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an m3u8 file bsc1172640. - CVE-2020-21041: Fixed buffer overflow vulnerability via apngdoinverseblend in libavcodec/pngenc.c bsc1186406. - CVE-2019-17539: Fixed NULL pointer...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : FFmpeg vulnerabilities (USN-4431-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4431-1 advisory. It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to...
USN-4431-1 ffmpeg vulnerabilities
It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see:...
SUSE-SU-2019:1299-2 Security update for ffmpeg
This update for ffmpeg fixes the following issues: Security issue fixed: - CVE-2018-14395: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a DoS bsc1101889 - CVE-2018-14394: Fixed a divide-by-zero error in libavformat/movenc.c that allowed attackers to cause a...
CVE-2016-1898
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the subfile protocol in an HTTP Live Streaming HLS M3U8 file, leading to an external HTTP request in which the URL string contains an arbitrary line of a local file...
MGASA-2015-0233 Updated avidemux packages fix security vulnerabilities
Updated avidemux packages fix security vulnerabilities: The mjpegdecodeapp function in libavcodec/mjpegdec.c in FFMpeg before 1.2.11 allows remote attackers to cause a denial of service out-of-bounds heap access and possibly have other unspecified impact via vectors related to LJIF tags in an MJP...
Multiple Integer Overflow Vulnerabilities in FFmpeg
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. Multiple integer overflow vulnerabilities exist in FFmpeg versions prior to 0.10.1. An attacker can exploit the vulnerabilities to execute arbitrary code in the context of the affected...
libav / ffmpeg multiple security vulnerabilities
Multiple memory corruptions on different media formats parsing...
CVE-2014-7937
Multiple off-by-one errors in libavcodec/vorbisdec.c in FFmpeg before 2.4.2, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service use-after-free or possibly have unspecified other impact via crafted Vorbis I data...
libav / ffmpeg multiple security vulnerabilities
Vulnerabilitlies in different demuxers and decoders...
CVE-2013-7010
Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted data...
CVE-2013-0894
Buffer overflow in the vorbisparsesetuphdrfloors function in the Vorbis decoder in vorbisdec.c in libavcodec in FFmpeg through 1.1.3, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial...
DEBIAN-CVE-2011-2162
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 aka CS4.0; and Mandriva Enterprise Server 5 aka MES5 have unknown impact and attack vectors, related to issues...