Shodan
Vulnerabilities
Vulnerable Software
Ffmpeg:  >> Ffmpeg  Security Vulnerabilities
CVE-2024-31578
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-04-17
CVE-2023-49528
Buffer Overflow vulnerability in FFmpeg version n6.1-3-g466799d4f5, allows a local attacker to execute arbitrary code and cause a denial of service (DoS) via the af_dialoguenhance.c:261:5 in the de_stereo component.
CVSS Score
8.0
EPSS Score
0.0
Published
2024-04-12
CVE-2024-22861
Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-01-27
CVE-2024-22860
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
CVSS Score
9.8
EPSS Score
0.025
Published
2024-01-27
CVE-2024-22862
Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.
CVSS Score
9.8
EPSS Score
0.02
Published
2024-01-27
CVE-2023-47470
Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c
CVSS Score
7.8
EPSS Score
0.014
Published
2023-11-16
CVE-2023-46407
FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-10-27
CVE-2021-28429
Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-11
CVE-2020-36138
An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS).
CVSS Score
7.5
EPSS Score
0.003
Published
2023-08-11
CVE-2022-48434
libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used).
CVSS Score
8.1
EPSS Score
0.003
Published
2023-03-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved