CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2020-24995
https://notcve.org/view.php?id=CVE-2020-24995
30 Mar 2021 — Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local). Una vulnerabilidad de desbordamiento del búfer en la función sniff_channel_order en el archivo aacdec_template.c en ffmpeg versión 3.1.2, permite a atacantes ejecutar código arbitrario (local). • http://git.videolan.org/?p=ffmpeg.git%3Ba=commitdiff%3Bh=d6f293353c94c7ce200f6e0975ae3de49787f91f • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2020-13904 – Debian Security Advisory 4722-1
https://notcve.org/view.php?id=CVE-2020-13904
07 Jun 2020 — FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c. FFmpeg versión 2.8 y versión 4.2.3, presenta un uso de la memoria previamente liberada por medio de una duración EXTINF diseñada en un archivo m3u8 porque la función parse_playlist en la biblioteca libavformat/hls.c libera un puntero, y luego este puntero es accedido en la fun... • https://github.com/FFmpeg/FFmpeg/commit/6959358683c7533f586c07a766acc5fe9544d8b2 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2019-17539 – Debian Security Advisory 4722-1
https://notcve.org/view.php?id=CVE-2019-17539
14 Oct 2019 — In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other impact when there is no valid close function pointer. En FFmpeg versiones anteriores a 4.2, la función avcodec_open2 en el archivo libavcodec/utils.c permite una desreferencia del puntero NULL y posiblemente otro impacto no especificado cuando no existe un puntero de función de cierre válido. It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacke... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15733 • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2019-17542 – Debian Security Advisory 4722-1
https://notcve.org/view.php?id=CVE-2019-17542
14 Oct 2019 — FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk because of an out-of-array access in vqa_decode_init in libavcodec/vqavideo.c. FFmpeg versiones anteriores a 4.2, presenta un desbordamiento de búfer en la región heap de la memoria en la función vqa_decode_chunk debido a un acceso fuera de la matriz en la función vqa_decode_init en el archivo libavcodec/vqavideo.c. It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this is... • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15919 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2019-15942 – Gentoo Linux Security Advisory 202007-58
https://notcve.org/view.php?id=CVE-2019-15942
05 Sep 2019 — FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645_parse because alloc_rbsp_buffer in libavcodec/h2645_parse.c mishandles rbsp_buffer. FFmpeg hasta la versión 4.2 tiene un problema de "Conditional jump or move depends on uninitialised value" en h2645_parse porque alloc_rbsp_buffer en libavcodec/h2645_parse.c gestiona de manera incorrecta rbsp_buffer. Multiple vulnerabilities have been found in FFmpeg, the worst of which could result in the arbitrary execution o... • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00012.html • CWE-252: Unchecked Return Value •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2019-12730 – Debian Security Advisory 4502-1
https://notcve.org/view.php?id=CVE-2019-12730
04 Jun 2019 — aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x before 4.1.4 does not check for sscanf failure and consequently allows use of uninitialized variables. aa_read_header en libavformat / aadec.c en FFmpeg en versiones anteriores a la 3.2.14 y versión 4.x versiones anteriores a la 4.1.4 no verifica el error de sscanf y, por lo tanto, permite el uso de variables sin inicializar. It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly us... • http://www.securityfocus.com/bid/109317 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1999010
https://notcve.org/view.php?id=CVE-2018-1999010
23 Jul 2018 — FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later. FFmpeg antes del commit con ID cced03dd667a5df6df8fd40d8de0bff477ee02e8 contiene múltiples vulnerabilidades de acceso fuera de array en el protocolo mms q... • http://www.securityfocus.com/bid/104896 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 3%CPEs: 1EXPL: 0CVE-2018-1999011 – Debian Security Advisory 4449-1
https://notcve.org/view.php?id=CVE-2018-1999011
23 Jul 2018 — FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later. FFmpeg antes del commit con ID 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contiene una vuln... • http://www.securityfocus.com/bid/104896 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1999012
https://notcve.org/view.php?id=CVE-2018-1999012
23 Jul 2018 — FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM. This attack appear to be exploitable via specially crafted PVA file has to be provided as input. This vulnerability appears to have been fixed in 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 and later. FFmpeg antes del commit con ID 9807d3976be0e92e4ece3b4b1701be894cd... • http://www.securityfocus.com/bid/104896 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1999013
https://notcve.org/view.php?id=CVE-2018-1999013
23 Jul 2018 — FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in vulnerability allows attacker to read heap memory. This attack appear to be exploitable via specially crafted RM file has to be provided as input. This vulnerability appears to have been fixed in a7e032a277452366771951e29fd0bf2bd5c029f0 and later. FFmpeg antes del commit con ID a7e032a277452366771951e29fd0bf2bd5c029f0 contiene una vulnerabilidad de uso de memoria ... • http://www.securityfocus.com/bid/104896 • CWE-416: Use After Free •