CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2021-38291 – Gentoo Linux Security Advisory 202312-14
https://notcve.org/view.php?id=CVE-2021-38291
12 Aug 2021 — FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. Una versión de FFmpeg (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) sufre un fallo de aserción en el archivo src/libavutil/mathematics.c It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ub... • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2020-35965 – Gentoo Linux Security Advisory 202105-24
https://notcve.org/view.php?id=CVE-2020-35965
04 Jan 2021 — decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations. La función decode_frame en la biblioteca libavcodec/exr.c en FFmpeg versión 4.3.1, presenta una escritura fuera de límites debido a errores en los cálculos de cuándo realiza operaciones memset zero. It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AAC codecs. An attacker could possibly use this issue to ca... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26532 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-35964 – Gentoo Linux Security Advisory 202105-24
https://notcve.org/view.php?id=CVE-2020-35964
03 Jan 2021 — track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing. La función track_header en la biblioteca libavformat/vividas.c en FFmpeg versión 4.3.1, presenta una escritura fuera de límites debido al empaquetado extradata incorrecto. Multiple vulnerabilities have been found in FFmpeg, the worst of which could result in the arbitrary execution of code. Versions less than 4.4 are affected. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26622 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14212 – Gentoo Linux Security Advisory 202007-58
https://notcve.org/view.php?id=CVE-2020-14212
16 Jun 2020 — FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because dnn_backend_native.c calls ff_dnn_load_model_native and a certain index check is omitted. FFmpeg versiones hasta 4.3, presentan un desbordamiento de búfer en la región heap de la memoria en la función avio_get_str en la biblioteca libavformat/aviobuf.c porque el archivo dnn_backend_native.c llama a ff_dnn_load_model_native y se omite una determinada comprobación de índice Multiple vulnerabilities have been f... • https://patchwork.ffmpeg.org/project/ffmpeg/list/?series=1463 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 5%CPEs: 5EXPL: 0CVE-2005-4048
https://notcve.org/view.php?id=CVE-2005-4048
07 Dec 2005 — Heap-based buffer overflow in the avcodec_default_get_buffer function (utils.c) in FFmpeg libavcodec 0.4.9-pre1 and earlier, as used in products such as (1) mplayer, (2) xine-lib, (3) Xmovie, and (4) GStreamer, allows remote attackers to execute arbitrary commands via small PNG images with palettes. • http://article.gmane.org/gmane.comp.video.ffmpeg.devel/26558 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •