Search CVE reports


Toggle filters

21 – 30 of 356 results


CVE-2025-59729

Medium priority
Needs evaluation

When parsing the header for a DHAV file, there's an integer underflow in offset calculation that leads to reading the duration from before the start of the allocated buffer. If we load a DHAV file that is larger than...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release
Show less packages

CVE-2025-59728

Medium priority

Some fixes available 4 of 6

When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below [0], it returns a buffer precisely allocated to...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Fixed Fixed Fixed Not affected
libav Not in release Not in release Not in release
Show less packages

CVE-2025-10256

Medium priority

Some fixes available 4 of 7

A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Fixed Fixed Fixed Fixed
libav Not in release Not in release Not in release
Show less packages

CVE-2025-9951

Medium priority

Some fixes available 1 of 9

A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition cdef atom of JPEG2000.

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Vulnerable Fixed Ignored Ignored Ignored
libav Not in release Not in release Not in release
Show less packages

CVE-2025-8585

Medium priority
Vulnerable

A vulnerability, which was classified as critical, has been found in libav up to 12.3. Affected by this issue is the function main of the file /avtools/avconv.c of the component DSS File Demuxer. The manipulation leads to double...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release
Show less packages

CVE-2025-8586

Medium priority
Vulnerable

A vulnerability, which was classified as problematic, was found in libav up to 12.3. This affects the function ff_seek_frame_binary of the file /libavformat/utils.c of the component MPEG File Parser. The manipulation leads to null...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release
Show less packages

CVE-2025-8584

Medium priority
Vulnerable

A vulnerability classified as problematic was found in libav up to 12.3. Affected by this vulnerability is the function av_buffer_unref of the file libavutil/buffer.c of the component AVI File Parser. The manipulation leads to...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Not affected Not affected Not affected Not affected
libav Not in release Not in release Not in release
Show less packages

CVE-2025-7700

Medium priority

Some fixes available 3 of 7

A flaw was found in FFmpeg’s ALS audio decoder, where it does not properly check for memory allocation failures. This can cause the application to crash when processing certain malformed audio files. While it does not lead to data...

2 affected packages

ffmpeg, libav

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
ffmpeg Not affected Fixed Ignored Ignored Ignored
libav Not in release Not in release Not in release
Show less packages

CVE-2025-48175

Medium priority
Needs evaluation

In libavif before 1.3.0, avifImageRGBToYUV in reformat.c has integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes.

1 affected package

libavif

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libavif Needs evaluation Needs evaluation Needs evaluation Not in release
Show less packages

CVE-2025-48174

Medium priority
Needs evaluation

In libavif before 1.3.0, makeRoom in stream.c has an integer overflow and resultant buffer overflow in stream->offset+size.

1 affected package

libavif

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libavif Needs evaluation Needs evaluation Needs evaluation Not in release
Show less packages