A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2444-1 advisory.

    This update for ffmpeg-4 fixes the following issues

    Update to version 4.4.7:

    - CVE-2023-6601: HLS Unsafe File Extension Bypass (bsc#1220545).
    - CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options     function of sbgdec.c       within the libavformat module. When parsing certain options, the software does not adequately validate     the i       (bsc#1234030).
    - CVE-2025-1594: stack-based buffer overflow in function ff_aac_search_for_tns of the file     libavcodec/aacenc_tns.c of       the component AAC Encoder (bsc#1237561).
    - CVE-2025-9951: heap-based buffer overflow in jpeg2000dec (bsc#1249393).
    - CVE-2025-10256: NULL pointer dereference in Firequalizer filter (bsc#1249431).
    - CVE-2025-63757: accumulation of filtered pixel values can lead to an integer overflow (bsc#1255392).
    - CVE-2026-30997: Denial of Service via out-of-bounds read (bsc#1262047).
    - CVE-2026-40962: inadequate CENC subsample bounds checks can lead to an integer overflow (bsc#1262237).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2445-1 advisory.

    This update for ffmpeg-4 fixes the following issues

    Update to version 4.4.7:

    - CVE-2023-6601: HLS Unsafe File Extension Bypass (bsc#1220545).
    - CVE-2024-35366: FFmpeg n6.1.1 is Integer Overflow. The vulnerability exists in the parse_options     function of sbgdec.c       within the libavformat module. When parsing certain options, the software does not adequately validate     the i       (bsc#1234030).
    - CVE-2025-1594: stack-based buffer overflow in function ff_aac_search_for_tns of the file     libavcodec/aacenc_tns.c of       the component AAC Encoder (bsc#1237561).
    - CVE-2025-9951: heap-based buffer overflow in jpeg2000dec (bsc#1249393).
    - CVE-2025-10256: NULL pointer dereference in Firequalizer filter (bsc#1249431).
    - CVE-2025-63757: accumulation of filtered pixel values can lead to an integer overflow (bsc#1255392).
    - CVE-2026-30997: Denial of Service via out-of-bounds read (bsc#1262047).
    - CVE-2026-40962: inadequate CENC subsample bounds checks can lead to an integer overflow (bsc#1262237).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4440 advisory.

    -------------------------------------------------------------------------     Debian LTS Advisory DLA-4440-1                debian-lts@lists.debian.org     https://www.debian.org/lts/security/          Carlos Henrique Lima Melara     January 16, 2026                              https://wiki.debian.org/LTS
    -------------------------------------------------------------------------

    Package        : ffmpeg     Version        : 7:4.3.9-0+deb11u2     CVE ID         : CVE-2023-6603 CVE-2024-36615 CVE-2025-1594 CVE-2025-7700                      CVE-2025-9951 CVE-2025-10256 CVE-2025-63757     Debian Bug     :

    Several vulnerabilities have been discovered in the FFmpeg multimedia     framework, which could result in denial of service or potentially the     execution of arbitrary code if malformed files/streams are processed.

    CVE-2023-6603

        A flaw was found in FFmpeg's HLS playlist parsing. This vulnerability         allows a denial of service via a maliciously crafted HLS playlist that         triggers a null pointer dereference during initialization.

    CVE-2024-36615

        FFmpeg n7.0 has a race condition vulnerability in the VP9 decoder. This         could lead to a data race if video encoding parameters were being exported,         as the side data would be attached in the decoder thread while being read         in the output thread.

    CVE-2025-1594

        A vulnerability, which was classified as critical, was found in FFmpeg up         to 7.1. This affects the function ff_aac_search_for_tns of the file         libavcodec/aacenc_tns.c of the component AAC Encoder. The manipulation         leads to stack-based buffer overflow. It is possible to initiate the attack         remotely. The exploit has been disclosed to the public and may be used.

    CVE-2025-7700

        A flaw was found in FFmpegs ALS audio decoder, where it does not properly         check for memory allocation failures. This can cause the application to         crash when processing certain malformed audio files. While it does not lead         to data theft or system control, it can be used to disrupt services and         cause a denial of service.

    CVE-2025-9951

        A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an         attacker to potentially gain remote code execution or cause denial of         service via the channel definition cdef atom of JPEG2000.

    CVE-2025-10256

        A NULL pointer dereference vulnerability exists in FFmpegs Firequalizer         filter (libavfilter/af_firequalizer.c) due to a missing check on the return         value of av_malloc_array() in the config_input() function. An attacker         could exploit this by tricking a victim into processing a crafted media         file with the Firequalizer filter enabled, causing the application to         dereference a NULL pointer and crash, leading to denial of service.

    CVE-2025-63757

        Integer overflow vulnerability in the yuv2ya16_X_c_template function in         libswscale/output.c in FFmpeg 8.0.

    For Debian 11 bullseye, these problems have been fixed in version     7:4.3.9-0+deb11u2.

    We recommend that you upgrade your ffmpeg packages.

    For the detailed security status of ffmpeg please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/ffmpeg

    Further information about Debian LTS security advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://wiki.debian.org/LTS     Attachment:
    signature.asc     Description: PGP signature

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0714 advisory.

    Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:

    CVE-2025-1594:
    A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1. This affects the     function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c of the component AAC Encoder. The     manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The     exploit has been disclosed to the public and may be used.

    CVE-2024-55069:
    ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in     /libavformat/iamfdec.c.

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6007 advisory.

    - -------------------------------------------------------------------------     Debian Security Advisory DSA-6007-1                   security@debian.org     https://www.debian.org/security/                       Moritz Muehlenhoff     September 21, 2025                    https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package        : ffmpeg     CVE ID         : CVE-2025-1594 CVE-2025-7700 CVE-2025-10256

    Several vulnerabilities have been discovered in the FFmpeg multimedia     framework, which could result in denial of service or potentially the     execution of arbitrary code if malformed files/streams are processed.

    For the stable distribution (trixie), these problems have been fixed in     version 7:7.1.2-0+deb13u1.

    We recommend that you upgrade your ffmpeg packages.

    For the detailed security status of ffmpeg please refer to     its security tracker page at:
    https://security-tracker.debian.org/tracker/ffmpeg

    Further information about Debian Security Advisories, how to apply     these updates to your system and frequently asked questions can be     found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
321754	SUSE SLES15 Security Update : ffmpeg-4 (SUSE-SU-2026:2444-1)	Nessus	SuSE Local Security Checks	high
321694	SUSE SLED15 / SLES15 Security Update : ffmpeg-4 (SUSE-SU-2026:2445-1)	Nessus	SuSE Local Security Checks	high
291274	Debian dla-4440 : ffmpeg - security update	Nessus	Debian Local Security Checks	high
276014	TencentOS Server 4: ffmpeg (TSSA-2025:0714)	Nessus	Tencent Local Security Checks	medium
265685	Debian dsa-6007 : ffmpeg - security update	Nessus	Debian Local Security Checks	medium

Detections

Analytics

CVE-2025-1594

medium

Tenable Plugins

high

high

high

medium

medium