How severe is CVE-2025-0518?

This vulnerability has a severity rating of MEDIUM with a CVSS score of N/A out of 10.

What type of vulnerability is CVE-2025-0518?

This is classified as CWE-125, which is a common weakness in software security.

CVE-2025-0518 - MEDIUM Severity | CVSS N/A

Vulnerability Description

Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg allows Read Sensitive Constants Within an Executable. This vulnerability is associated with program files https://github.Com/FFmpeg/FFmpeg/blob/master/libavfilter/af_pan.C . This issue affects FFmpeg: 7.1. Issue was fixed: https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a This issue was discovered by: Simcha Kosman

Related Vulnerabilities

CVE-2017-14451

CRITICAL

CVSS:10.0(Critical)

An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read which can subsequen...

CWE-1252017

CVE-2021-41556

CRITICAL

CVSS:10.0(Critical)

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to Code Execution. If a victim executes an attacker-controlled squirrel s...

CWE-1252021

CVE-2024-22004

CRITICAL

CVSS:10.0(Critical)

Due to length check, an attacker with privilege access on a Linux Nonsecure operating system can trigger a vulnerability and leak the secure memory from the Trusted Application

CWE-1252024

CVE-2023-26489

CRITICAL

CVSS:9.9(Critical)

wasmtime is a fast and secure runtime for WebAssembly. In affected versions wasmtime's code generator, Cranelift, has a bug on x86_64 targets where address-mode computation mistakenly would calculate ...

CWE-1252023

CVE-1999-0006

CRITICAL

CVSS:9.8(Critical)

Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.

CWE-1251999

CVE-2014-2896

CRITICAL

CVSS:9.8(Critical)

The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an ou...

CWE-1252014