CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-50008 – Ubuntu Security Notice USN-6803-1
https://notcve.org/view.php?id=CVE-2023-50008
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the av_malloc function in libavutil/mem.c:105:9 component. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.n6.1-3-g466799d4f5 permite a un atacante local ejecutar código arbitrario a través de la función av_malloc en el componente libavutil/mem.c:105:9. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue ... • https://github.com/FFmpeg/FFmpeg/commit/5f87a68cf70dafeab2fb89b42e41a4c29053b89b • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-50009 – Ubuntu Security Notice USN-6803-1
https://notcve.org/view.php?id=CVE-2023-50009
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 component. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.n6.1-3-g466799d4f5 permite a un atacante local ejecutar código arbitrario a través de la función ff_gaussian_blur_8 en el componente libavfilter/edge_template.c:116:5. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. ... • https://ffmpeg.org • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2023-50010 – Debian Security Advisory 5721-1
https://notcve.org/view.php?id=CVE-2023-50010
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the set_encoder_id function in /fftools/ffmpeg_enc.c component. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.n6.1-3-g466799d4f5 permite a un atacante local ejecutar código arbitrario a través de la función set_encoder_id en el componente /fftools/ffmpeg_enc.c. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use t... • https://ffmpeg.org • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-51791
https://notcve.org/view.php?id=CVE-2023-51791
19 Apr 2024 — Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map. La vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través de libavcodec/jpegxl_parser.c en gen_alias_map. • https://ffmpeg.org • CWE-121: Stack-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2023-51793 – Debian Security Advisory 5721-1
https://notcve.org/view.php?id=CVE-2023-51793
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través de libavutil/imgutils.c:353:9 en image_copy_plane. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to... • https://ffmpeg.org • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-51795 – Debian Security Advisory 5712-1
https://notcve.org/view.php?id=CVE-2023-51795
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través del componente libavfilter/avf_showspectrum.c:1789:52 en showspectrumpic_request_frame Several vulnerabilities have been discovered in the FFmpeg multimedia framework, whic... • https://ffmpeg.org • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2023-51797
https://notcve.org/view.php?id=CVE-2023-51797
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través de libavfilter/avf_showwaves.c:722:24 en showwaves_filter_frame • https://ffmpeg.org • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2023-51798 – Debian Security Advisory 5721-1
https://notcve.org/view.php?id=CVE-2023-51798
19 Apr 2024 — Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate. Vulnerabilidad de desbordamiento de búfer en Ffmpeg v.N113007-g8d24a28d06 permite a un atacante local ejecutar código arbitrario a través de un error de excepción de punto flotante (FPE) en libavfilter/vf_minterpolate.c:1078:60 en interpolación. Several vulnerabilities have been discovered in the FF... • https://ffmpeg.org • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 14EXPL: 0CVE-2024-31578 – Ubuntu Security Notice USN-6803-1
https://notcve.org/view.php?id=CVE-2024-31578
17 Apr 2024 — FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. Se descubrió que la versión n6.1.1 de FFmpeg contenía un heap use-after-free a través de la función av_hwframe_ctx_init. Zeng Yunxiang and Song Jiaxuan discovered that FFmpeg incorrectly handled certain input files. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service, or potential arbitrary code execution. This issue only affected Ubuntu 24.04 LTS. • https://gist.github.com/1047524396/45400cce5859d78dcd3a62010df8d179 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31581
https://notcve.org/view.php?id=CVE-2024-31581
17 Apr 2024 — FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbs_h266_syntax_template.c. This vulnerability allows attackers to cause undefined behavior within the application. Se descubrió que la versión n6.1 de FFmpeg contenía una validación incorrecta de la vulnerabilidad del índice de matriz en libavcodec/cbs_h266_syntax_template.c. Esta vulnerabilidad permite a los atacantes provocar un comportamiento indefinido dentro de la aplicación. • https://gist.github.com/1047524396/a7e9273e12553775826784035333cdd8 • CWE-129: Improper Validation of Array Index •