Astra Linux – Vulnerability in ffmpeg

FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service...

UBUNTU-CVE-2026-8461

An out-of-bounds write vulnerability in FFmpegs libavcodec library, s...

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

EUVD-2026-37878

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

CVE-2026-8461 Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

PT-2026-50667

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 8.1.2 Description An out-of-bounds write occurs in the libavcodec library, specifically within the MagicYUV decoder. This issue is triggered by an odd slice height and is associated with the file libavcodec/magicyuv.C...

Astra Linux – Vulnerability in ffmpeg

The decodeframe function in libavcodec/exr.c in FFmpeg 4.3.1 has a buffer overflow due to errors in calculating when to perform memset zero operations...

Astra Linux – Vulnerability in ffmpeg

FFmpeg 4.2 is affected by a divide-by-zero issue through the libavcodec/aacpsy.c module, which allows a remote malicious user to cause a Denial of Service attack...

Astra Linux – Vulnerability in ffmpeg

FFmpeg 4.2 is affected by a divide-by-zero issue through the libavcodec/lpc.h library, which allows a remote malicious user to cause a Denial of Service attack...

EUVD-2026-21972

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2026-30997

An out-of-bounds read in the readglobalparam function libavcodec/av1dec.c of FFmpeg v8.0.1 allows attackers to cause a Denial of Service DoS via a crafted input...

Malicious code in libavcodec-extra (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 00a68b4208fb4614b815e8a867c2155a8667b424e6457e3b72da362edbad9615 During installation or import, the package exfiltrates basic information in a dependency confusion attempt. The user identifies themselves as a HackerOne user...

CVE-2025-69693

Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder libavcodec/rv60dec.c. The quantization parameter qp validation at line 2267 only checks the lower bound qp 0 but is missing upper bound validation. The qp value can reach 65 base value 63 from 6-bit frame header + offset +2 from...

CLEANSTART-2026-XE32069 Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ...

Multiple security vulnerabilities affect the ffmpeg package. Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service DoS via the...

CLEANSTART-2026-PS82605 Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a ...

Multiple security vulnerabilities affect the ffmpeg package. Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service DoS via the...

CVE-2017-18244

The stereoprocessing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted aac file, related to ffpsapply...

CVE-2025-7700

A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data theft or system control, it can be used to disrupt services and...

JLSEC-2025-106 In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and poss...

In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer...

JLSEC-2025-101 FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcode...

FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbsav1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be provided as input. This vulnerability appears to have been fixed in...