Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Workstation Extension 15 SP5 package ffmpeg-4, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (14)
CVE-2023-49502 — CVSS 8.8 (high): Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the…
CVE-2024-32230 — CVSS 7.8 (high): FFmpeg 7.0 is vulnerable to Buffer Overflow. There is a negative-size-param bug at libavcodec/mpegvideo_enc.c:1216:21 in load_input_picture…
CVE-2023-50010 — CVSS 7.8 (high): FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at ff_gradfun_blur_line_movdqa_sse2, as demonstrated by a call to the set_encoder_id…
CVE-2023-51794 — CVSS 7.8 (high): Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the…
CVE-2023-51793 — CVSS 7.8 (high): Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the…
CVE-2023-51798 — CVSS 7.8 (high): Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point…
CVE-2024-31578 — CVSS 7.5 (high): FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.
CVE-2020-22021 — CVSS 6.5 (medium): Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user…
CVE-2024-7055 — CVSS 6.3 (medium): A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the…
CVE-2023-48368 — CVSS 5.9 (medium): Improper input validation in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of…
CVE-2023-45221 — CVSS 4.8 (medium): Improper buffer restrictions in Intel(R) Media SDK all versions may allow an authenticated user to potentially enable escalation of…
CVE-2023-47282 — CVSS 3.9 (low): Out-of-bounds write in Intel(R) Media SDK all versions and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated…
CVE-2023-22656 — CVSS 3.9 (low): Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to…
CVE-2023-47169 — CVSS 3.3 (low): Improper buffer restrictions in Intel(R) Media SDK software all versions may allow an authenticated user to potentially enable denial of…