
CVE-2020-22020 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22020
26 May 2021 — Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service. Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could r... • p=ffmpeg.git%3Ba=commitdiff%3Bh=ce5274c1385d55892a692998923802023526b765 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-22015 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-22015
26 May 2021 — Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Denial of Service, or execute arbitrary code. • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-20453 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-20453
25 May 2021 — FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aaccoder, which allows a remote malicious user to cause a Denial of Service. It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AAC codecs. ... It was discovered that FFmpeg incorrectly... • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-369: Divide By Zero

CVE-2020-20451
https://notcve.org/view.php?id=CVE-2020-20451
25 May 2021 — Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c. • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-401: Missing Release of Memory after Effective Lifetime

CVE-2020-20446 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-20446
25 May 2021 — FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/aacpsy.c, which allows a remote malicious user to cause a Denial of Service. Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code... • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-369: Divide By Zero

CVE-2020-20445 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-20445
25 May 2021 — FFmpeg 4.2 is affected by a Divide By Zero issue via libavcodec/lpc.h, which allows a remote malicious user to cause a Denial of Service. It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding or AAC codecs. ... It was discovered that FFmpeg incorrectly handled certain input. • https://lists.debian.org/debian-lts-announce/2021/11/msg00012.html • CWE-369: Divide By Zero

CVE-2020-21041 – Debian Security Advisory 4990-1
https://notcve.org/view.php?id=CVE-2020-21041
24 May 2021 — Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse_blend in libavcodec/pngenc.c, which could let a remote malicious user cause a Denial of Service. It was discovered that FFmpeg would attempt to divide by zero when using Li... • https://lists.debian.org/debian-lts-announce/2021/08/msg00018.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2021-23376 – Arbitrary Command Injection
https://notcve.org/view.php?id=CVE-2021-23376
18 Apr 2021 — This affects all versions of package ffmpegdotjs. If attacker-controlled user input is given to the trimvideo function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization. • https://github.com/TRomesh/ffmpegdotjs/blob/b7395daf0bdcb81218340427eb7073cdd28462af/index.js#L219 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2021-30123 – Gentoo Linux Security Advisory 202105-24
https://notcve.org/view.php?id=CVE-2021-30123
07 Apr 2021 — FFmpeg <=4.3 contains a buffer overflow vulnerability in libavcodec through a crafted file that may lead to remote code execution. Multiple vulnerabilities have been found in FFmpeg, the worst of which could result in the arbitrary execution of code. • p=ffmpeg.git%3Ba=commitdiff%3Bh=d6f293353c94c7ce200f6e0975ae3de49787f91f • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-24995
https://notcve.org/view.php?id=CVE-2020-24995
30 Mar 2021 — Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local). • p=ffmpeg.git%3Ba=commitdiff%3Bh=d6f293353c94c7ce200f6e0975ae3de49787f91f • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')