Vulnerabilities > Ffmpeg > Ffmpeg > 2.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-7272 | Out-of-bounds Write vulnerability in Ffmpeg A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. | 8.8 |
| 2024-01-27 | CVE-2024-22861 | Integer Overflow or Wraparound vulnerability in Ffmpeg Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module. | 7.5 |
| 2024-01-27 | CVE-2024-22860 | Integer Overflow or Wraparound vulnerability in Ffmpeg Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. | 9.8 |
| 2024-01-27 | CVE-2024-22862 | Integer Overflow or Wraparound vulnerability in Ffmpeg Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. | 9.8 |
| 2023-11-16 | CVE-2023-47470 | Out-of-bounds Write vulnerability in Ffmpeg Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c | 7.8 |
| 2023-10-27 | CVE-2023-46407 | Out-of-bounds Read vulnerability in Ffmpeg FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function. | 5.5 |
| 2023-03-29 | CVE-2022-48434 | Use After Free vulnerability in Ffmpeg libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances (e.g., hardware re-initialization upon a mid-video SPS change when Direct3D11 is used). | 8.1 |
| 2023-01-12 | CVE-2022-3341 | NULL Pointer Dereference vulnerability in Ffmpeg A null pointer dereference issue was discovered in 'FFmpeg' in decode_main_header() function of libavformat/nutdec.c file. | 5.3 |
| 2022-12-16 | CVE-2022-3109 | NULL Pointer Dereference vulnerability in Ffmpeg An issue was discovered in the FFmpeg package, where vp3_decode_frame in libavcodec/vp3.c lacks check of the return value of av_malloc() and will cause a null pointer dereference, impacting availability. | 7.5 |
| 2021-08-12 | CVE-2021-38291 | Reachable Assertion vulnerability in multiple products FFmpeg version (git commit de8e6e67e7523e48bb27ac224a0b446df05e1640) suffers from a an assertion failure at src/libavutil/mathematics.c. | 7.5 |