CVSS: 9.4EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3964 – ffmpeg QuickTime RPZA Video Encoder rpzaenc.c out-of-bounds
https://notcve.org/view.php?id=CVE-2022-3964
13 Nov 2022 — A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. • https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/92f9b28ed84a77138105475beba16c146bdaf984 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3965 – ffmpeg QuickTime Graphics Video Encoder smcenc.c smc_encode_stream out-of-bounds
https://notcve.org/view.php?id=CVE-2022-3965
13 Nov 2022 — A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. • https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/13c13109759090b7f7182480d075e13b36ed8edd • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2566 – Heap-memory write in FFMPEG
https://notcve.org/view.php?id=CVE-2022-2566
23 Sep 2022 — A heap out-of-bounds memory write exists in FFMPEG since version 5.1. The size calculation in `build_open_gop_key_points()` goes through all entries in the loop and adds `sc->ctts_data[i].count` to `sc->sample_offsets_count`. This can lead to an integer overflow resulting in a small allocation with `av_calloc()`. An attacker can cause remote code execution via a malicious mp4 file. We recommend upgrading past commit c953baa084607dd1d84c3bfcce3cf6a87c3e6e05 Existe una escritura de memoria fuera de los límite... • https://github.com/FFmpeg/FFmpeg/commit/c953baa084607dd1d84c3bfcce3cf6a87c3e6e05 • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-125025 – FFmpeg decode_pulses memory corruption
https://notcve.org/view.php?id=CVE-2014-125025
19 Jun 2022 — A vulnerability classified as problematic has been found in FFmpeg 2.0. This affects the function decode_pulses. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=6e42ccb9db • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-125024 – FFmpeg lag_decode_frame memory corruption
https://notcve.org/view.php?id=CVE-2014-125024
19 Jun 2022 — A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function lag_decode_frame. The manipulation leads to memory corruption. The attack may be launched remotely. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=4c3e1956ee • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-125023 – FFmpeg Truemotion1 truemotion1_decode_header memory corruption
https://notcve.org/view.php?id=CVE-2014-125023
19 Jun 2022 — A vulnerability was found in FFmpeg 2.0. It has been declared as problematic. Affected by this vulnerability is the function truemotion1_decode_header of the component Truemotion1 Handler. The manipulation leads to memory corruption. The attack can be launched remotely. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=2240e2078d • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-125022 – FFmpeg Bitstream Buffer shorten_decode_frame memory corruption
https://notcve.org/view.php?id=CVE-2014-125022
19 Jun 2022 — A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function shorten_decode_frame of the component Bitstream Buffer. The manipulation leads to memory corruption. It is possible to launch the attack remotely. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=1713eec29a • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-125021 – FFmpeg cmv_process_header memory corruption
https://notcve.org/view.php?id=CVE-2014-125021
19 Jun 2022 — A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function cmv_process_header. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=5430839144 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-125020 – FFmpeg decode_update_thread_context memory corruption
https://notcve.org/view.php?id=CVE-2014-125020
19 Jun 2022 — A vulnerability has been found in FFmpeg 2.0 and classified as critical. This vulnerability affects the function decode_update_thread_context. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=1f097d168d • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-125019 – FFmpeg Slice Segment decode_nal_unit memory corruption
https://notcve.org/view.php?id=CVE-2014-125019
19 Jun 2022 — A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_nal_unit of the component Slice Segment Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=b25e84b739 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •