Filtered by vendor Gpac
Subscribe
Search
Total
79 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36417 | 1 Gpac | 1 Gpac | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-40574 | 1 Gpac | 1 Gpac | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | |||||
| CVE-2021-40570 | 1 Gpac | 1 Gpac | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the avc_compute_poc function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | |||||
| CVE-2021-40571 | 1 Gpac | 1 Gpac | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the ilst_box_read function in box_code_apple.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | |||||
| CVE-2021-40568 | 1 Gpac | 1 Gpac | 2022-01-14 | 6.8 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | |||||
| CVE-2021-45266 | 1 Gpac | 1 Gpac | 2021-12-23 | 5.0 MEDIUM | 7.5 HIGH |
| A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-41456 | 1 Gpac | 1 Mp4box | 2021-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability. | |||||
| CVE-2021-41457 | 1 Gpac | 1 Mp4box | 2021-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. | |||||
| CVE-2021-41459 | 1 Gpac | 1 Mp4box | 2021-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability. | |||||
| CVE-2021-32268 | 1 Gpac | 1 Gpac | 2021-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1. | |||||
| CVE-2021-32271 | 1 Gpac | 1 Gpac | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution. | |||||
| CVE-2020-23267 | 1 Gpac | 1 Gpac | 2021-09-29 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file | |||||
| CVE-2021-33362 | 1 Gpac | 1 Gpac | 2021-09-23 | 6.8 MEDIUM | 7.8 HIGH |
| Stack buffer overflow in the hevc_parse_vps_extension function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-32136 | 1 Gpac | 1 Gpac | 2021-09-22 | 6.8 MEDIUM | 7.8 HIGH |
| Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-32439 | 1 Gpac | 1 Gpac | 2021-08-16 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2019-11221 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in media_import.c. | |||||
| CVE-2019-11222 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overflow issue for the crypt feature when encountering a crafted_drm_file.xml file. | |||||
| CVE-2020-35982 | 1 Gpac | 1 Gpac | 2021-04-23 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function gf_hinter_track_finalize() in media_tools/isom_hinter.c. | |||||
| CVE-2020-35981 | 1 Gpac | 1 Gpac | 2021-04-23 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c. | |||||
| CVE-2020-35979 | 1 Gpac | 1 Gpac | 2021-04-23 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c. | |||||
| CVE-2020-35980 | 1 Gpac | 1 Gpac | 2021-04-23 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c. | |||||
| CVE-2021-31254 | 1 Gpac | 1 Gpac | 2021-04-22 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes. | |||||
| CVE-2021-31255 | 1 Gpac | 1 Gpac | 2021-04-21 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-29279 | 1 Gpac | 1 Gpac | 2021-04-21 | 6.8 MEDIUM | 7.8 HIGH |
| There is a integer overflow in function filter_core/filter_props.c:gf_props_assign_value in GPAC 1.0.1. In which, the arg const GF_PropertyValue *value,maybe value->value.data.size is a negative number. In result, memcpy in gf_props_assign_value failed. | |||||
| CVE-2019-12483 | 1 Gpac | 1 Gpac | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box. | |||||
| CVE-2019-13618 | 1 Gpac | 1 Gpac | 2020-01-20 | 5.0 MEDIUM | 7.5 HIGH |
| In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gf_m2ts_sync in media_tools/mpegts.c. | |||||
| CVE-2019-12482 | 1 Gpac | 1 Gpac | 2019-06-30 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GPAC 0.7.1. There is a NULL pointer dereference in the function gf_isom_get_original_format_type at isomedia/drm_sample.c in libgpac.a, as demonstrated by MP4Box. | |||||
| CVE-2018-20760 | 3 Canonical, Debian, Gpac | 3 Ubuntu Linux, Debian Linux, Gpac | 2019-04-15 | 6.8 MEDIUM | 7.8 HIGH |
| In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled. | |||||
| CVE-2018-7752 | 3 Canonical, Debian, Gpac | 3 Ubuntu Linux, Debian Linux, Gpac | 2019-04-15 | 6.8 MEDIUM | 7.8 HIGH |
| GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100. | |||||