| 0 |
| url |
VCID-1kt8-snqa-5ygv |
| vulnerability_id |
VCID-1kt8-snqa-5ygv |
| summary |
A flaw was found in FFmpeg's TTY Demuxer. This vulnerability allows possible data exfiltration via improper parsing of non-TTY-compliant input files in HLS playlists. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-6602 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37253 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37388 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37282 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37299 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37412 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.3724 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37291 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37303 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37314 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00163 |
| scoring_system |
epss |
| scoring_elements |
0.37281 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41521 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-6602 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-6602
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1kt8-snqa-5ygv |
|
| 1 |
| url |
VCID-cpnk-whs1-6kg7 |
| vulnerability_id |
VCID-cpnk-whs1-6kg7 |
| summary |
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-1594 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30734 |
| published_at |
2026-04-09T12:55:00Z |
|
| 1 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30826 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30644 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30702 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30692 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30738 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30656 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30673 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00118 |
| scoring_system |
epss |
| scoring_elements |
0.30648 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00121 |
| scoring_system |
epss |
| scoring_elements |
0.31104 |
| published_at |
2026-04-21T12:55:00Z |
|
| 10 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55896 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-1594 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://trac.ffmpeg.org/ticket/11418#comment:3 |
| reference_id |
11418#comment:3 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/ |
|
|
| url |
https://trac.ffmpeg.org/ticket/11418#comment:3 |
|
| 4 |
| reference_url |
https://vuldb.com/?ctiid.296589 |
| reference_id |
?ctiid.296589 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/ |
|
|
| url |
https://vuldb.com/?ctiid.296589 |
|
| 5 |
| reference_url |
https://ffmpeg.org/ |
| reference_id |
ffmpeg.org |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/ |
|
|
| url |
https://ffmpeg.org/ |
|
| 6 |
| reference_url |
https://vuldb.com/?id.296589 |
| reference_id |
?id.296589 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/ |
|
|
| url |
https://vuldb.com/?id.296589 |
|
| 7 |
| reference_url |
https://trac.ffmpeg.org/attachment/ticket/11418/poc |
| reference_id |
poc |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/ |
|
|
| url |
https://trac.ffmpeg.org/attachment/ticket/11418/poc |
|
| 8 |
| reference_url |
https://vuldb.com/?submit.496929 |
| reference_id |
?submit.496929 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-24T12:02:17Z/ |
|
|
| url |
https://vuldb.com/?submit.496929 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-1594
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cpnk-whs1-6kg7 |
|
| 2 |
| url |
VCID-dbxj-ayf9-cuad |
| vulnerability_id |
VCID-dbxj-ayf9-cuad |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36617 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.0423 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.0418 |
| published_at |
2026-04-08T12:55:00Z |
|
| 2 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04194 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04173 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04156 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.0413 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.041 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04108 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04113 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04132 |
| published_at |
2026-04-04T12:55:00Z |
|
| 10 |
| value |
0.00017 |
| scoring_system |
epss |
| scoring_elements |
0.04147 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36617 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-36617
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-dbxj-ayf9-cuad |
|
| 3 |
| url |
VCID-fqzc-ggz9-gbd5 |
| vulnerability_id |
VCID-fqzc-ggz9-gbd5 |
| summary |
A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.0.2 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-273651. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7055 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31462 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31312 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31341 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31361 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31328 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31367 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.3141 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31407 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31376 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31322 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31504 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-7055 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://vuldb.com/?ctiid.273651 |
| reference_id |
?ctiid.273651 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/ |
|
|
| url |
https://vuldb.com/?ctiid.273651 |
|
| 4 |
| reference_url |
https://ffmpeg.org/download.html |
| reference_id |
download.html |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/ |
|
|
| url |
https://ffmpeg.org/download.html |
|
| 5 |
| reference_url |
https://ffmpeg.org/ |
| reference_id |
ffmpeg.org |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/ |
|
|
| url |
https://ffmpeg.org/ |
|
| 6 |
| reference_url |
https://vuldb.com/?id.273651 |
| reference_id |
?id.273651 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/ |
|
|
| url |
https://vuldb.com/?id.273651 |
|
| 7 |
| reference_url |
https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc3 |
| reference_id |
poc3 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/ |
|
|
| url |
https://github.com/CookedMelon/ReportCVE/tree/main/FFmpeg/poc3 |
|
| 8 |
| reference_url |
https://vuldb.com/?submit.376532 |
| reference_id |
?submit.376532 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:P/I:P/A:P |
|
| 1 |
| value |
6.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 2 |
| value |
6.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
|
| 3 |
| value |
6.9 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T15:41:29Z/ |
|
|
| url |
https://vuldb.com/?submit.376532 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-7055
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fqzc-ggz9-gbd5 |
|
| 4 |
| url |
VCID-fw45-nn58-8khp |
| vulnerability_id |
VCID-fw45-nn58-8khp |
| summary |
FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use of a parameter of negative size in the av_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-50007 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04924 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04899 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.05042 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04894 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04885 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04936 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04954 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04973 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04991 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04976 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00019 |
| scoring_system |
epss |
| scoring_elements |
0.04942 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-50007 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-50007
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-fw45-nn58-8khp |
|
| 5 |
| url |
VCID-gfzm-92dd-bqfm |
| vulnerability_id |
VCID-gfzm-92dd-bqfm |
| summary |
FFmpeg version n6.1 was discovered to contain a heap buffer overflow vulnerability in the draw_block_rectangle function of libavfilter/vf_codecview.c. This vulnerability allows attackers to cause undefined behavior or a Denial of Service (DoS) via crafted input. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-31582 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.0613 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06325 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06174 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06163 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06204 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06214 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06219 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06227 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06188 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06146 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00023 |
| scoring_system |
epss |
| scoring_elements |
0.06161 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-31582 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-31582
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gfzm-92dd-bqfm |
|
| 6 |
| url |
VCID-hd6u-9x7x-mke8 |
| vulnerability_id |
VCID-hd6u-9x7x-mke8 |
| summary |
A flaw was found in FFmpeg's DASH playlist support. This vulnerability allows arbitrary HTTP GET requests to be made on behalf of the machine running FFmpeg via a crafted DASH playlist containing malicious URLs. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-6605 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.25993 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26158 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.25978 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.25997 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26199 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.2597 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26037 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26088 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26098 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00093 |
| scoring_system |
epss |
| scoring_elements |
0.26052 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00115 |
| scoring_system |
epss |
| scoring_elements |
0.30012 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-6605 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-6605
|
| risk_score |
3.2 |
| exploitability |
0.5 |
| weighted_severity |
6.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hd6u-9x7x-mke8 |
|
| 7 |
| url |
VCID-k14h-eek4-s3cv |
| vulnerability_id |
VCID-k14h-eek4-s3cv |
| summary |
A reachable assertion in FFmpeg git-master commit N-113007-g8d24a28d06 allows attackers to cause a Denial of Service (DoS) via opening a crafted AAC file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-22919 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22545 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.2268 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22639 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22584 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22598 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22595 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22531 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22609 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00075 |
| scoring_system |
epss |
| scoring_elements |
0.22662 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00079 |
| scoring_system |
epss |
| scoring_elements |
0.23503 |
| published_at |
2026-04-02T12:55:00Z |
|
| 10 |
| value |
0.00079 |
| scoring_system |
epss |
| scoring_elements |
0.2354 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-22919 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-22919
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k14h-eek4-s3cv |
|
| 8 |
| url |
VCID-kcjw-jy65-hfge |
| vulnerability_id |
VCID-kcjw-jy65-hfge |
| summary |
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-6604 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24248 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24405 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24252 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24264 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24437 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.2422 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24287 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.2433 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24348 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00083 |
| scoring_system |
epss |
| scoring_elements |
0.24305 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.001 |
| scoring_system |
epss |
| scoring_elements |
0.27547 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-6604 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-6604
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kcjw-jy65-hfge |
|
| 9 |
| url |
VCID-m3u1-zn19-k3dy |
| vulnerability_id |
VCID-m3u1-zn19-k3dy |
| summary |
FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-35367 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34351 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34341 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34354 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34319 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34343 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34382 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.3438 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34413 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34441 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34307 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.39106 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-35367 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-35367
|
| risk_score |
4.1 |
| exploitability |
0.5 |
| weighted_severity |
8.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m3u1-zn19-k3dy |
|
| 10 |
| url |
VCID-m827-r499-xubz |
| vulnerability_id |
VCID-m827-r499-xubz |
| summary |
FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-35368 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37869 |
| published_at |
2026-04-07T12:55:00Z |
|
| 1 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37911 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37886 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37912 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37948 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37932 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37919 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37966 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00167 |
| scoring_system |
epss |
| scoring_elements |
0.37991 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45518 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-35368 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-35368
|
| risk_score |
4.4 |
| exploitability |
0.5 |
| weighted_severity |
8.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m827-r499-xubz |
|
| 11 |
|
| 12 |
| url |
VCID-ns98-tu4j-sfd5 |
| vulnerability_id |
VCID-ns98-tu4j-sfd5 |
| summary |
FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-31578 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00278 |
| scoring_system |
epss |
| scoring_elements |
0.51226 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55417 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55413 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55378 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55396 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55418 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55407 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55357 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55354 |
| published_at |
2026-04-02T12:55:00Z |
|
| 9 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55379 |
| published_at |
2026-04-04T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-31578 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-31578
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ns98-tu4j-sfd5 |
|
| 13 |
| url |
VCID-nuah-6bpn-m7bu |
| vulnerability_id |
VCID-nuah-6bpn-m7bu |
| summary |
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-49501 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09588 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09538 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09628 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.0948 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09476 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09586 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09602 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09632 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09624 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.09575 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00033 |
| scoring_system |
epss |
| scoring_elements |
0.095 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-49501 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/FFmpeg/FFmpeg |
| reference_id |
FFmpeg |
| reference_type |
|
| scores |
| 0 |
| value |
8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H |
|
| 1 |
| value |
Track* |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-19T18:04:24Z/ |
|
|
| url |
https://github.com/FFmpeg/FFmpeg |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-49501
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nuah-6bpn-m7bu |
|
| 14 |
| url |
VCID-nxsr-usgh-z3ah |
| vulnerability_id |
VCID-nxsr-usgh-z3ah |
| summary |
FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when using the colorcorrect filter, in the av_malloc function in libavutil/mem.c:105:9 component. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-50008 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08735 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08687 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08755 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08602 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08613 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08723 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08738 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.0876 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00031 |
| scoring_system |
epss |
| scoring_elements |
0.08659 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-50008 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-50008
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nxsr-usgh-z3ah |
|
| 15 |
| url |
VCID-qr7y-vmc2-8qce |
| vulnerability_id |
VCID-qr7y-vmc2-8qce |
| summary |
Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-49502 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47894 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47873 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47904 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.4795 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47955 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47901 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47892 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47914 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.4789 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47895 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00246 |
| scoring_system |
epss |
| scoring_elements |
0.47842 |
| published_at |
2026-04-07T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-49502 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
| reference_url |
https://github.com/FFmpeg/FFmpeg |
| reference_id |
FFmpeg |
| reference_type |
|
| scores |
| 0 |
| value |
8.8 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T16:52:33Z/ |
|
|
| url |
https://github.com/FFmpeg/FFmpeg |
|
| 6 |
|
| 7 |
|
| 8 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-49502
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qr7y-vmc2-8qce |
|
| 16 |
| url |
VCID-u45n-rr9s-ffah |
| vulnerability_id |
VCID-u45n-rr9s-ffah |
| summary |
Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C . This issue affects FFmpeg: 7.1. Issue was fixed: https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a This issue was discovered by: Simcha Kosman |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-0518 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31186 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31337 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.312 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31232 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31214 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31378 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31198 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31251 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31281 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31286 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31242 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-0518 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-0518
|
| risk_score |
2.1 |
| exploitability |
0.5 |
| weighted_severity |
4.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u45n-rr9s-ffah |
|
| 17 |
| url |
VCID-xh69-cs7h-wqb2 |
| vulnerability_id |
VCID-xh69-cs7h-wqb2 |
| summary |
A vulnerability classified as problematic has been found in FFmpeg up to 6e26f57f672b05e7b8b052007a83aef99dc81ccb. This affects the function audio_element_obu of the file libavformat/iamf_parse.c of the component IAMF File Handler. The manipulation of the argument num_parameters leads to memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 0526535cd58444dd264e810b2f3348b4d96cff3b. It is recommended to apply a patch to fix this issue. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-1816 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25155 |
| published_at |
2026-04-12T12:55:00Z |
|
| 1 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25197 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25073 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25103 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25112 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00088 |
| scoring_system |
epss |
| scoring_elements |
0.25102 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47738 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.4777 |
| published_at |
2026-04-02T12:55:00Z |
|
| 8 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47789 |
| published_at |
2026-04-04T12:55:00Z |
|
| 9 |
| value |
0.00245 |
| scoring_system |
epss |
| scoring_elements |
0.47792 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00292 |
| scoring_system |
epss |
| scoring_elements |
0.52576 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-1816 |
|
| 1 |
|
| 2 |
|
| 3 |
| reference_url |
https://trac.ffmpeg.org/ticket/11475 |
| reference_id |
11475 |
| reference_type |
|
| scores |
| 0 |
| value |
5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 2 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/ |
|
|
| url |
https://trac.ffmpeg.org/ticket/11475 |
|
| 4 |
| reference_url |
https://vuldb.com/?ctiid.298089 |
| reference_id |
?ctiid.298089 |
| reference_type |
|
| scores |
| 0 |
| value |
5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 2 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/ |
|
|
| url |
https://vuldb.com/?ctiid.298089 |
|
| 5 |
| reference_url |
https://ffmpeg.org/ |
| reference_id |
ffmpeg.org |
| reference_type |
|
| scores |
| 0 |
| value |
5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 2 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/ |
|
|
| url |
https://ffmpeg.org/ |
|
| 6 |
| reference_url |
https://vuldb.com/?id.298089 |
| reference_id |
?id.298089 |
| reference_type |
|
| scores |
| 0 |
| value |
5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 2 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/ |
|
|
| url |
https://vuldb.com/?id.298089 |
|
| 7 |
| reference_url |
https://trac.ffmpeg.org/attachment/ticket/11475/poc |
| reference_id |
poc |
| reference_type |
|
| scores |
| 0 |
| value |
5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 2 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/ |
|
|
| url |
https://trac.ffmpeg.org/attachment/ticket/11475/poc |
|
| 8 |
| reference_url |
https://vuldb.com/?submit.506575 |
| reference_id |
?submit.506575 |
| reference_type |
|
| scores |
| 0 |
| value |
5 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:N/C:N/I:N/A:P |
|
| 1 |
| value |
4.3 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 2 |
| value |
4.3 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
|
| 3 |
| value |
5.3 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-03T20:12:17Z/ |
|
|
| url |
https://vuldb.com/?submit.506575 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-1816
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-xh69-cs7h-wqb2 |
|