CVE-2022-3964

HIGH Year: 2022
CVSS v3 Score
8.1
High
Weakness Type
CWE-119
View all →

Vulnerability Description

A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543.

Related Vulnerabilities

CVE-2008-1083

HIGH
CVSS:8.1(High)

Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbi...

CWE-1192008

CVE-2009-2502

HIGH
CVSS:8.1(High)

Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2,...

CWE-1192009

CVE-2015-7547

HIGH
CVSS:8.1(High)

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a deni...

CWE-1192015

CVE-2015-8764

HIGH
CVSS:8.1(High)

Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow.

CWE-1192015

CVE-2016-0778

HIGH
CVSS:8.1(High)

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly ma...

CWE-1192016

CVE-2016-0858

HIGH
CVSS:8.1(High)

Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.

CWE-1192016