A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-02-18
A flaw was found in FFmpeg’s TensorFlow backend within the libavfilter/dnn_backend_tf.c source file. The issue occurs in the dnn_execute_model_tf() function, where a task object is freed multiple times in certain error-handling paths. This redundant memory deallocation can lead to a double-free condition, potentially causing FFmpeg or any application using it to crash when processing TensorFlow-based DNN models. This results in a denial-of-service scenario but does not allow arbitrary code execution under normal conditions.
CVSS Score
3.3
EPSS Score
0.0
Published
2026-02-18
FFmpeg git-master,N-113007-g8d24a28d06 was discovered to contain a segmentation violation via the component /libavcodec/jpeg2000dec.c.
CVSS Score
6.5
EPSS Score
0.002
Published
2025-02-18
FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/mem.c.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-02-18
FFmpeg git-master before commit d5873b was discovered to contain a memory leak in the component libavutil/iamf.c.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-02-18
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/af_stereowiden.c:120:69.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-04-26
Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame
CVSS Score
8.0
EPSS Score
0.001
Published
2024-04-19
Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.
CVSS Score
3.6
EPSS Score
0.0
Published
2024-04-19
Page 1