CVE-2025-10256
ADVISORY - nistSummary
A NULL pointer dereference vulnerability exists in FFmpeg’s Firequalizer filter (libavfilter/af_firequalizer.c) due to a missing check on the return value of av_malloc_array() in the config_input() function. An attacker could exploit this by tricking a victim into processing a crafted media file with the Firequalizer filter enabled, causing the application to dereference a NULL pointer and crash, leading to denial of service.
EPSS Score: 0.00298 (0.216)
Common Weakness Enumeration (CWE)
ADVISORY - nist
NULL Pointer Dereference
ADVISORY - redhat
NULL Pointer Dereference
NIST
CREATED
UPDATED
ADVISORY IDCVE-2025-10256
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2025-10256
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2025-10256
EXPLOITABILITY SCORE
1.8
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
5.5mediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2025-10256
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumminimos
CREATED
UPDATED
ADVISORY ID
MINI-gxj3-3j58-w22x
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-