
1001 matches found

Rosalinux
added 2 days ago, 6 views

Advisory ROSA-SA-2026-3312

Software: ffmpeg 4.4.6; OS: ROSA-CHROME; Unaffected versions: = ffmpeg-4.4.6-4; Affected versions: ffmpeg-4.4.6-4; CVE-ID: CVE-2026-40962; BDU-ID: None; CVE-Crit: Medium; CVE-DESCRIPTION: The vulnerability related to integer overflow in FFmpeg allows an attacker to execute write operations beyond the...

9.8 CVSS, 6 AI score, 0.00077 EPSS
Exploits: 1
AstraLinux
added 2026/05/20 5:53 a.m., 2 views

Astra Linux - vulnerability in ffmpeg5

When decoding an OpenEXR file that uses DWAA or DWAB compression, there is an implicit assumption that the height and width are divisible by 8. If the height or width of the image is not divisible by 8, the copy process will loop at 0 and 1, continuing to write until the next multiple of 8 is...

8.7 CVSS, 6.5 AI score, 0.00019 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/05/20 5:53 a.m., 10 views

Astra Linux - vulnerability in ffmpeg

In FFmpeg versions prior to 5.1.2, the libavcodec/pthread_frame.c file, used in VLC and other products, leaves stale hwaccel state in worker threads. This allows attackers to trigger a use-after-free and execute arbitrary code under certain circumstances e.g., during hardware reinitialization upon...

8.1 CVSS, 7.1 AI score, 0.0032 EPSS
Exploits: 1, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 9 views

Astra Linux - vulnerability in ffmpeg

Before ffmpeg version 4.3, the tty demuxer did not have a ‘read_probe’ function assigned to it. By creating a legitimate “ffconcat” file that references an image, followed by a file that triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim as long ...

5.5 CVSS, 6.8 AI score, 0.00121 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 1 views

Astra Linux - vulnerability in ffmpeg, ffmpeg5

An integer overflow in the component /libavformat/westwoodvqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file...

6.5 CVSS, 6.8 AI score, 0.00073 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in ffmpeg5

FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer overflow via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 component...

8 CVSS, 7 AI score, 0.00023 EPSS
Exploits: 1, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux - vulnerability in ffmpeg

FFmpeg version git commit de8e6e67e7523e48bb27ac224a0b446df05e1640 suffers from an assertion failure in src/libavutil/mathematics.c...

7.5 CVSS, 6.7 AI score, 0.00334 EPSS
Exploits: 1, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 0 views

Astra Linux - vulnerability in ffmpeg

A heap-use-after-free in the av_freep function in libavutil/mem.c of FFmpeg 4.2 allows attackers to execute arbitrary code...

8.8 CVSS, 7.5 AI score, 0.00304 EPSS
Exploits: 1, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux - vulnerability in ffmpeg5

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame...

8 CVSS, 7.7 AI score, 0.00077 EPSS
Exploits: 0, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in ffmpeg

An integer overflow vulnerability exists in the function filter16_roberts in libavfilter/vf_convolution.c in Ffmpeg 4.2.1. Attackers can exploit this vulnerability to cause a Denial of Service or other unspecified impacts...

8.8 CVSS, 7 AI score, 0.00503 EPSS
Exploits: 1, References: 2
AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in ffmpeg, ffmpeg5

A flaw was discovered in FFmpeg’s DASH playlist support. This vulnerability allows for arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg, through a crafted DASH playlist containing malicious URLs...

7.2 CVSS, 6.7 AI score, 0.00126 EPSS
Exploits: 0, References: 2
CVE
added 2026/04/16 1:33 a.m., 50 views

CVE-2026-40962

CVE-2026-40962 affects FFmpeg before 8.1. It describes an integer overflow that enables a resultant out-of-bounds write via CENC (Common Encryption) subsample data in libavformat/mov.c. The vulnerability concerns the handling of CENC subsample data and can be triggered through code paths in mov.c...

9.8 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits: 0, References: 1, Affected Software: 1
Vulnrichment
added 2026/04/16 1:33 a.m., 2 views

CVE-2026-40962

FFmpeg before 8.1 has an integer overflow and resultant out-of-bounds write via CENC (Common Encryption) subsample data to libavformat/mov.c...

4.9 CVSS, 5.8 AI score, 0.00011 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2026/04/16 12:0 a.m., 1 views

Linux Distros Unpatched Vulnerability : CVE-2026-30998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS)...

7.5 CVSS, 5.8 AI score, 0.00071 EPSS
Exploits: 1, References: 2
EUVD
added 2026/04/15 9:30 p.m., 0 views

EUVD-2026-23098

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5 CVSS, 6.1 AI score, 0.00078 EPSS
Exploits: 0, References: 3
OSV
added 2026/04/15 8:16 p.m., 1 views

DEBIAN-CVE-2026-6385

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5 CVSS, 6 AI score, 0.00078 EPSS
Exploits: 0, References: 1
NVD
added 2026/04/15 8:16 p.m., 0 views

CVE-2026-6385

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5 CVSS, 0.00078 EPSS
Exploits: 0, References: 2
Debian CVE
added 2026/04/15 7:18 p.m., 3 views

CVE-2026-6385

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5 CVSS, 6 AI score, 0.00078 EPSS
Exploits: 0
Vulnrichment
added 2026/04/15 7:18 p.m., 2 views

CVE-2026-6385 Ffmpeg: ffmpeg: denial of service and potential arbitrary code execution via signed integer overflow in dvd subtitle parser

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5 CVSS, 6.1 AI score, 0.00078 EPSS
Exploits: 0, References: 2
RedhatCVE
added 2026/04/15 7:18 p.m., 1 views

CVE-2026-6385

A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reassembly bounds...

6.5 CVSS, 6.1 AI score, 0.00078 EPSS
Exploits: 0, References: 3