Lucene search
K

1153 matches found

OSV
OSV
added 2026/06/26 8:24 p.m.3 views

JLSEC-2026-653 An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV...

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6AI score0.00477EPSS
Exploits3References3
OSV
OSV
added 2026/06/24 1:10 p.m.4 views

OESA-2026-2697 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: An out-of-bounds write...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References2
NVD
NVD
added 2026/06/18 2:17 p.m.77 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS0.00477EPSS
Exploits3References4
OSV
OSV
added 2026/06/18 2:17 p.m.19 views

UBUNTU-CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6.2AI score0.00477EPSS
Exploits3References3
Snyk
Snyk
added 2026/06/18 1:15 p.m.4 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the MagicYUV decoder process in the libavcodec library. An attacker can cause a denial of service or potentially execute arbitrary code by submitting a specially crafted file that triggers an odd sliceheight valu...

8.8CVSS7.5AI score0.00477EPSS
Exploits3References2
Cvelist
Cvelist
added 2026/06/18 11:29 a.m.27 views

CVE-2026-8461 Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS0.00477EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2026/06/18 11:29 a.m.9 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS5.8AI score0.00477EPSS
Exploits3
EUVD
EUVD
added 2026/06/18 11:29 a.m.12 views

EUVD-2026-37878

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS5.7AI score0.00477EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.24 views

PT-2026-50667

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 8.1.2 Description A heap out-of-bounds write issue, dubbed PixelSmash, exists in the MagicYUV decoder within the libavcodec library, specifically in the file libavcodec/magicyuv.C. The flaw is caused by a rounding...

10CVSS7.9AI score0.00477EPSS
Exploits3References44
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in ffmpeg

FFmpeg 4.2 is affected by a divide-by-zero issue through the libavcodec/lpc.h library, which allows a remote malicious user to cause a Denial of Service attack...

6.5CVSS6.8AI score0.01649EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in ffmpeg

The decodeframe function in libavcodec/exr.c in FFmpeg 4.3.1 has a buffer overflow due to errors in calculating when to perform memset zero operations...

7.5CVSS7.5AI score0.02263EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in ffmpeg

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service...

6.5CVSS6.8AI score0.01777EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in ffmpeg

FFmpeg 4.2 is affected by a divide-by-zero issue through the libavcodec/aacpsy.c module, which allows a remote malicious user to cause a Denial of Service attack...

6.5CVSS6.8AI score0.0173EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in ffmpeg, ffmpeg5

FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideoenc.c:1216:21 in loadinputpicture in FFmpeg7.0...

7.8CVSS6.7AI score0.00355EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in ffmpeg, ffmpeg5

It was discovered that FFmpeg git-master, N-113007-g8d24a28d06 contains a segmentation violation through the component /libavcodec/jpeg2000dec.c...

6.5CVSS6.5AI score0.00344EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/13 3:31 p.m.4 views

EUVD-2026-21972

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS5.8AI score0.00337EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/04/13 12:0 a.m.3 views

CVE-2026-30997

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input...

5.8AI score0.00337EPSS
Exploits1References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/19 5:37 p.m.8 views

Malicious code in libavcodec-extra (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 00a68b4208fb4614b815e8a867c2155a8667b424e6457e3b72da362edbad9615 During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...

5.9AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/03/16 8:16 p.m.5 views

CVE-2025-69693

Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder libavcodec/rv60dec.c. The quantization parameter qp validation at line 2267 only checks the lower bound qp 0 but is missing upper bound validation. The qp value can reach 65 base value 63 from 6-bit frame header + offset +2 from...

5.4CVSS5.9AI score0.00266EPSS
Exploits0References1
OSV
OSV
added 2026/02/06 1:10 a.m.6 views

CLEANSTART-2026-XE32069 Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ...

Multiple security vulnerabilities affect the ffmpeg package. Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service DoS via the...

9.8CVSS8.9AI score0.04244EPSS
Exploits17References119
Rows per page
Query Builder