Lucene search
+L

17 matches found

osv
osv
added 4 days ago2 views

MGASA-2026-0249 Updated ffmpeg packages fix a security vulnerability

The updated packages fix a security vulnerability: Heap out-of-bounds write via odd sliceheight in FFmpeg MagicYUV decoder. CVE-2026-8461...

8.8CVSS7AI score0.00477EPSS
Exploits3References3
osv
osv
added 2026/07/06 6:26 a.m.5 views

OESA-2026-2826 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A use-after-free...

8.8CVSS6.3AI score0.00477EPSS
Exploits3References3
nessus
nessus
added 2026/06/28 12:0 a.m.9 views

FreeBSD : ffmpeg -- Out-of-bounds write (ba8d239f-709f-11f1-a30e-28d2443e6cfa)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ba8d239f-709f-11f1-a30e-28d2443e6cfa advisory. https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/23159 reports: An out-of-bounds write vulnerability in...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References4
osv
osv
added 2026/06/26 8:24 p.m.3 views

JLSEC-2026-653 An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV...

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6AI score0.00477EPSS
Exploits3References3
malwarebytes
malwarebytes
added 2026/06/24 5:23 p.m.9 views

PixelSmash flaw turns video files into attack tools

A newly discovered vulnerability in FFmpeg’s MagicYUV decoder can turn a tiny, malformed video into a foothold for attackers. Researchers have disclosed PixelSmash, a critical vulnerability tracked as CVE-2026-8461, in FFmpeg’s MagicYUV video decoder with a CVSS score of 8.8. By crafting a...

8.8CVSS6.6AI score0.00477EPSS
Exploits3
osv
osv
added 2026/06/24 1:10 p.m.4 views

OESA-2026-2697 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: An out-of-bounds write...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References2
osv
osv
added 2026/06/24 1:10 p.m.5 views

OESA-2026-2696 ffmpeg security update

FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: A flaw was found in...

8.8CVSS6.1AI score0.00477EPSS
Exploits4References3
nessus
nessus
added 2026/06/22 12:0 a.m.10 views

FFmpeg < 8.1.2 Out-of-Bounds Write (CVE-2026-8461)

The version of FFmpeg installed on the remote host is prior to 8.1.2. It is, therefore, affected by an out-of-bounds write vulnerability: - An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can b...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References3
nessus
nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-8461

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be...

8.8CVSS7.5AI score0.00477EPSS
Exploits3References3
nvd
nvd
added 2026/06/18 2:17 p.m.81 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS0.00477EPSS
Exploits3References4
snyk
snyk
added 2026/06/18 1:15 p.m.4 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the MagicYUV decoder process in the libavcodec library. An attacker can cause a denial of service or potentially execute arbitrary code by submitting a specially crafted file that triggers an odd sliceheight valu...

8.8CVSS7.5AI score0.00477EPSS
Exploits3References2
vulnrichment
vulnrichment
added 2026/06/18 11:29 a.m.16 views

CVE-2026-8461 Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS5.7AI score0.00477EPSS
Exploits3References1
cvelist
cvelist
added 2026/06/18 11:29 a.m.29 views

CVE-2026-8461 Heap out-of-bounds write via odd slice_height in FFmpeg MagicYUV decoder

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS0.00477EPSS
Exploits3References1
alpinelinux
alpinelinux
added 2026/06/18 11:29 a.m.8 views

CVE-2026-8461

An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the file libavcodec/magicyuv.C. This issue affects FFmpeg befor...

8.8CVSS6.1AI score0.00477EPSS
Exploits3
cve
cve
added 2026/06/18 11:29 a.m.247 views

CVE-2026-8461

The CVE-2026-8461 affects FFmpeg’s libavcodec/magicyuv.c in the MagicYUV decoder. It is a heap out-of-bounds write triggered by an odd slice_height, enabling denial-of-service and, in some cases, remote code execution. Affected software: FFmpeg prior to version 8.1.2; patched in 8.1.2 and later. ...

8.8CVSS5.6AI score0.00477EPSS
Exploits3References4
freebsd
freebsd
added 2026/06/18 12:0 a.m.7 views

ffmpeg -- Out-of-bounds write

https://code.ffmpeg.org/FFmpeg/FFmpeg/pulls/23159 reports: An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in some cases, can be exploited for remote code execution. This vulnerability is associated with the...

8.8CVSS6.1AI score0.00477EPSS
Exploits3References2
ptsecurity
ptsecurity
added 2026/05/25 12:0 a.m.30 views

PT-2026-50667

Name of the Vulnerable Software and Affected Versions FFmpeg versions prior to 8.1.2 Description A heap out-of-bounds write issue, dubbed PixelSmash, exists in the MagicYUV decoder within the libavcodec library, specifically in the file libavcodec/magicyuv.C. The flaw is caused by a rounding...

10CVSS7.9AI score0.00477EPSS
Exploits3References44
Rows per page
Query Builder