Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:ffmpeg:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Ffmpeg (de2c4ce1-b78e-5639-9767-7970c6228732) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-1816 |
vulnerable | 2026-06-08 07:08:38.208093 |
FFmpeg IAMF File iamf_parse.c audio_element_obu memory leak
MEDIUM (4.3)
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audio_element_obu of the file libavformat/iamf_parse.c of the component IAMF File Handler. The manipulation of the argument num_parameters leads to memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 0526535cd58444dd264e810b2f3348b4d96cff3b. It is recommended to apply a patch to fix this issue.
Published: 2025-03-02T14:00:07.515Z
Updated: 2025-03-03T20:12:37.842Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-1594 |
vulnerable | 2026-06-08 07:08:37.363473 |
FFmpeg AAC Encoder aacenc_tns.c ff_aac_search_for_tns stack-based overflow
MEDIUM (6.3)
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-02-23T21:00:13.152Z
Updated: 2025-02-24T12:03:02.141Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-1373 |
vulnerable | 2026-06-08 07:08:36.668741 |
FFmpeg MOV Parser mov.c mov_read_trak null pointer dereference
LOW (3.3)
A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The patch is identified as 43be8d07281caca2e88bfd8ee2333633e1fb1a13. It is recommended to apply a patch to fix this issue.
Published: 2025-02-17T03:31:05.119Z
Updated: 2025-02-18T15:53:38.652Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7272 |
vulnerable | 2026-06-08 06:58:21.722545 |
FFmpeg swresample.c fill_audiodata heap-based overflow
MEDIUM (6.3)
A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fill_audiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in version 6.0 by 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 but a backport for 5.1 was forgotten. The exploit has been disclosed to the public and may be used. Upgrading to version 5.1.6 and 6.0 9903ba28c28ab18dc7b7b6fb8571cc8b5caae1a6 is able to address this issue. It is recommended to upgrade the affected component.
Published: 2024-08-08T20:24:10.987Z
Updated: 2024-08-09T17:22:37.764Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-7055 |
vulnerable | 2026-06-08 06:58:21.120737 |
FFmpeg pnmdec.c pnm_decode_frame heap-based overflow
MEDIUM (6.3)
A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0.2 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-273651.
Published: 2024-08-06T06:00:10.659Z
Updated: 2025-11-03T22:32:48.492Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3341 |
vulnerable | 2026-06-08 05:48:20.602200 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3109 |
vulnerable | 2026-06-08 05:47:19.467813 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-1475 |
vulnerable | 2026-06-08 05:39:13.301399 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3566 |
vulnerable | 2026-06-08 05:33:52.806119 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.