CVE-2014-125004 – FFmpeg vmnc.c decode_hextile memory corruption
https://notcve.org/view.php?id=CVE-2014-125004
A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=6ba02602aa7fc7d38db582e75b8b093fb3c1608d https://vuldb.com/?id.12586 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2014-125003 – FFmpeg jpeg2000dec.c get_siz memory corruption
https://notcve.org/view.php?id=CVE-2014-125003
A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=8001e9f7d17e90b4b0898ba64e3b8bbd716c513c https://vuldb.com/?id.12587 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2014-125002 – FFmpeg dnxhdenc.c dnxhd_init_rc memory corruption
https://notcve.org/view.php?id=CVE-2014-125002
A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. • http://git.videolan.org/?p=ffmpeg.git%3Ba=commit%3Bh=f1caaa1c61310beba705957e6366f0392a0b005b https://vuldb.com/?id.12588 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVE-2022-1475
https://notcve.org/view.php?id=CVE-2022-1475
An integer overflow vulnerability was found in FFmpeg versions before 4.4.2 and before 5.0.1 in g729_parse() in llibavcodec/g729_parser.c when processing a specially crafted file. Se ha encontrado una vulnerabilidad de desbordamiento de enteros en las versiones de FFmpeg anteriores a la 4.4.2 y anteriores a la 5.0.1 en g729_parse() en llibavcodec/g729_parser.c al procesar un archivo especialmente diseñado • https://bugzilla.redhat.com/show_bug.cgi?id=2076764 https://security.gentoo.org/glsa/202312-14 https://trac.ffmpeg.org/ticket/9651 • CWE-190: Integer Overflow or Wraparound •
CVE-2020-23906
https://notcve.org/view.php?id=CVE-2020-23906
FFmpeg N-98388-g76a3ee996b allows attackers to cause a denial of service (DoS) via a crafted audio file due to insufficient verification of data authenticity. FFmpeg versión N-98388-g76a3ee996b, permite a atacantes causar una denegación de servicio (DoS) por medio de un archivo de audio diseñado debido a una verificación insuficiente de la autenticidad de los datos • https://trac.ffmpeg.org/ticket/8782 • CWE-345: Insufficient Verification of Data Authenticity •