Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.3

    MEDIUM
    CVE-2024-55069

    ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c.... Read more

    Affected Products : ffmpeg
    • Published: May. 02, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Denial of Service

  • 7.5

    HIGH
    CVE-2024-31578

    FFmpeg version n6.1.1 was discovered to contain a heap use-after-free via the av_hwframe_ctx_init function.... Read more

    Affected Products : fedora ffmpeg
    • Published: Apr. 17, 2024
    • Modified: Jun. 03, 2025

  • 6.2

    MEDIUM
    CVE-2024-36617

    FFmpeg n6.1.1 has an integer overflow vulnerability in the FFmpeg CAF decoder.... Read more

    Affected Products : ffmpeg
    • Published: Nov. 29, 2024
    • Modified: Jun. 03, 2025

  • 8.8

    HIGH
    CVE-2025-1594

    A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It i... Read more

    Affected Products : ffmpeg
    • Published: Feb. 23, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Memory Corruption

  • 5.5

    MEDIUM
    CVE-2025-1373

    A vulnerability was found in FFmpeg up to 7.1. It has been rated as problematic. Affected by this issue is the function mov_read_trak of the file libavformat/mov.c of the component MOV Parser. The manipulation leads to null pointer dereference. Local acce... Read more

    Affected Products : ffmpeg
    • Published: Feb. 17, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Memory Corruption

  • 8.8

    HIGH
    CVE-2024-7055

    A vulnerability was found in FFmpeg up to 7.0.1. It has been classified as critical. This affects the function pnm_decode_frame in the library /libavcodec/pnmdec.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attac... Read more

    Affected Products : ffmpeg
    • Published: Aug. 06, 2024
    • Modified: Jun. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-34256

    OFCMS V1.1.2 is vulnerable to SQL Injection via the new table function.... Read more

    Affected Products : ofcms
    • Published: May. 14, 2024
    • Modified: Jun. 03, 2025

  • 6.7

    MEDIUM
    CVE-2024-31952

    An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. (The attacker must already have user privileges, and an admini... Read more

    Affected Products : macos magician
    • Published: May. 14, 2024
    • Modified: Jun. 03, 2025

  • 6.3

    MEDIUM
    CVE-2024-36071

    Samsung Magician 8.0.0 on Windows allows an admin to escalate privileges by tampering with the directory and DLL files used during the installation process. This occurs because of an Untrusted Search Path.... Read more

    Affected Products : windows magician
    • Published: Jun. 20, 2024
    • Modified: Jun. 03, 2025

  • 6.7

    MEDIUM
    CVE-2024-31953

    An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it is possible to tamper with the directory and executable files used during the installation process, an attacker can escalate privileges through arbitrary code execution. (The attacker ... Read more

    Affected Products : macos magician
    • Published: May. 14, 2024
    • Modified: Jun. 03, 2025

  • 2.8

    LOW
    CVE-2024-53921

    An issue was discovered in the installer in Samsung Magician 8.1.0 on Windows. An attacker can create arbitrary folders in the system permission directory via a symbolic link during the installation process.... Read more

    Affected Products : windows magician
    • Published: Dec. 03, 2024
    • Modified: Jun. 03, 2025

  • 5.5

    MEDIUM
    CVE-2024-35369

    In FFmpeg version n6.1.1, specifically within the avcodec/speexdec.c module, a potential security vulnerability exists due to insufficient validation of certain parameters when parsing Speex codec extradata. This vulnerability could lead to integer overfl... Read more

    Affected Products : ffmpeg
    • Published: Nov. 29, 2024
    • Modified: Jun. 03, 2025

  • 5.3

    MEDIUM
    CVE-2024-36619

    FFmpeg n6.1.1 has a vulnerability in the WAVARC decoder of the libavcodec library which allows for an integer overflow when handling certain block types, leading to a denial-of-service (DoS) condition.... Read more

    Affected Products : ffmpeg
    • Published: Nov. 29, 2024
    • Modified: Jun. 03, 2025

  • 6.2

    MEDIUM
    CVE-2024-36618

    FFmpeg n6.1.1 has a vulnerability in the AVI demuxer of the libavformat library which allows for an integer overflow, potentially resulting in a denial-of-service (DoS) condition.... Read more

    Affected Products : ffmpeg
    • Published: Nov. 29, 2024
    • Modified: Jun. 03, 2025

  • 5.9

    MEDIUM
    CVE-2024-36615

    FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This could lead to a data race if video encoding parameters were being exported, as the side data would be attached in the decoder thread while being read in the output thread.... Read more

    Affected Products : ffmpeg
    • Published: Nov. 29, 2024
    • Modified: Jun. 03, 2025

  • 6.5

    MEDIUM
    CVE-2024-36616

    An integer overflow in the component /libavformat/westwood_vqa.c of FFmpeg n6.1.1 allows attackers to cause a denial of service in the application via a crafted VQA file.... Read more

    Affected Products : ffmpeg
    • Published: Nov. 29, 2024
    • Modified: Jun. 03, 2025

  • 9.1

    CRITICAL
    CVE-2024-35366

    FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options function of sbgdec.c within the libavformat module. When parsing certain options, the software does not adequately validate the input. This allows for negative duration value... Read more

    Affected Products : ffmpeg
    • Published: Nov. 29, 2024
    • Modified: Jun. 03, 2025

  • 9.1

    CRITICAL
    CVE-2024-35367

    FFmpeg n6.1.1 has an Out-of-bounds Read via libavcodec/ppc/vp8dsp_altivec.c, static const vec_s8 h_subpel_filters_outer... Read more

    Affected Products : ffmpeg
    • Published: Nov. 29, 2024
    • Modified: Jun. 03, 2025

  • 9.8

    CRITICAL
    CVE-2024-35368

    FFmpeg n7.0 is affected by a Double Free via the rkmpp_retrieve_frame function within libavcodec/rkmppdec.c.... Read more

    Affected Products : ffmpeg
    • Published: Nov. 29, 2024
    • Modified: Jun. 03, 2025

  • 8.8

    HIGH
    CVE-2024-35365

    FFmpeg version n6.1.1 has a double-free vulnerability in the fftools/ffmpeg_mux_init.c component of FFmpeg, specifically within the new_stream_audio function.... Read more

    Affected Products : ffmpeg
    • Published: Jan. 03, 2025
    • Modified: Jun. 03, 2025
    • Vuln Type: Memory Corruption
Showing 20 of 292803 Results