Search
Total
145 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-47465 | 1 Gpac | 1 Gpac | 2023-12-12 | N/A | 5.5 MEDIUM |
| An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c. | |||||
| CVE-2023-48958 | 1 Gpac | 1 Gpac | 2023-12-12 | N/A | 5.5 MEDIUM |
| gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589. | |||||
| CVE-2023-46871 | 1 Gpac | 1 Gpac | 2023-12-12 | N/A | 5.3 MEDIUM |
| GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service. | |||||
| CVE-2023-48039 | 1 Gpac | 1 Gpac | 2023-11-30 | N/A | 5.5 MEDIUM |
| GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75. | |||||
| CVE-2023-47384 | 1 Gpac | 1 Gpac | 2023-11-21 | N/A | 5.5 MEDIUM |
| MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. | |||||
| CVE-2023-46001 | 1 Gpac | 1 Gpac | 2023-11-16 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data. | |||||
| CVE-2021-40606 | 1 Gpac | 1 Gpac | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_bs_write_data function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | |||||
| CVE-2021-45763 | 1 Gpac | 1 Gpac | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC v1.1.0 was discovered to contain an invalid call in the function gf_node_changed(). This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-45289 | 1 Gpac | 1 Gpac | 2023-08-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL. | |||||
| CVE-2021-40942 | 1 Gpac | 1 Gpac | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In GPAC MP4Box v1.1.0, there is a heap-buffer-overflow in the function filter_parse_dyn_args function in filter_core/filter.c:1454, as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
| CVE-2021-40609 | 1 Gpac | 1 Gpac | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | |||||
| CVE-2021-40944 | 1 Gpac | 1 Gpac | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In GPAC MP4Box 1.1.0, there is a Null pointer reference in the function gf_filter_pid_get_packet function in src/filter_core/filter_pid.c:5394, as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
| CVE-2021-40607 | 1 Gpac | 1 Gpac | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | |||||
| CVE-2021-40608 | 1 Gpac | 1 Gpac | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_hinter_track_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | |||||
| CVE-2021-40592 | 1 Gpac | 1 Gpac | 2022-06-15 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To exploit, the victim must open a specially crafted mp4 file. | |||||
| CVE-2021-33365 | 1 Gpac | 1 Gpac | 2022-05-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||||
| CVE-2021-31256 | 1 Gpac | 1 Gpac | 2022-05-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||||
| CVE-2021-33363 | 1 Gpac | 1 Gpac | 2022-05-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||||
| CVE-2021-33361 | 1 Gpac | 1 Gpac | 2022-05-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||||
| CVE-2022-29537 | 1 Gpac | 1 Gpac | 2022-05-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box. | |||||
| CVE-2021-4043 | 1 Gpac | 1 Gpac | 2022-02-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0. | |||||
| CVE-2022-24249 | 1 Gpac | 1 Gpac | 2022-02-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null Pointer Dereference vulnerability exists in GPAC 1.1.0 via the xtra_box_write function in /box_code_base.c, which causes a Denial of Service. This vulnerability was fixed in commit 71f9871. | |||||
| CVE-2021-46313 | 1 Gpac | 1 Gpac | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| The binary MP4Box in GPAC v1.0.1 was discovered to contain a segmentation fault via the function __memmove_avx_unaligned_erms (). This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46311 | 1 Gpac | 1 Gpac | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_destroy_routes () at scenegraph/vrml_route.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46240 | 1 Gpac | 1 Gpac | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_dump_vrml_sffield () at scene_manager/scene_dump.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46239 | 1 Gpac | 1 Gpac | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| The binary MP4Box in GPAC v1.1.0 was discovered to contain an invalid free vulnerability via the function gf_free () at utils/alloc.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46238 | 1 Gpac | 1 Gpac | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC v1.1.0 was discovered to contain a stack overflow via the function gf_node_get_name () at scenegraph/base_scenegraph.c. This vulnerability can lead to a program crash, causing a Denial of Service (DoS). | |||||
| CVE-2021-46237 | 1 Gpac | 1 Gpac | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| An untrusted pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_node_unregister () at scenegraph/base_scenegraph.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46236 | 1 Gpac | 1 Gpac | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_sg_vrml_field_pointer_del () at scenegraph/vrml_tools.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46234 | 1 Gpac | 1 Gpac | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| A NULL pointer dereference vulnerability exists in GPAC v1.1.0 via the function gf_node_unregister () at scenegraph/base_scenegraph.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-45767 | 1 Gpac | 1 Gpac | 2022-01-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC 1.1.0 was discovered to contain an invalid memory address dereference via the function lsr_read_id(). This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-45764 | 1 Gpac | 1 Gpac | 2022-01-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function shift_chunk_offsets.isra(). | |||||
| CVE-2021-45762 | 1 Gpac | 1 Gpac | 2022-01-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_sg_vrml_mf_reset(). This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2021-45760 | 1 Gpac | 1 Gpac | 2022-01-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2020-25427 | 1 Gpac | 1 Gpac | 2022-01-18 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service. | |||||
| CVE-2021-44926 | 1 Gpac | 1 Gpac | 2022-01-15 | 4.3 MEDIUM | 5.5 MEDIUM |
| A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-44919 | 1 Gpac | 1 Gpac | 2022-01-15 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DEV, which causes a segmentation fault and application crash. | |||||
| CVE-2021-40575 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the mpgviddmx_process function in reframe_mpgvid.c, which allows attackers to cause a denial of service. This vulnerability is possibly due to an incomplete fix for CVE-2021-40566. | |||||
| CVE-2021-40576 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service. | |||||
| CVE-2021-40572 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service. | |||||
| CVE-2021-40573 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| The binary MP4Box in Gpac 1.0.1 has a double-free vulnerability in the gf_list_del function in list.c, which allows attackers to cause a denial of service. | |||||
| CVE-2021-40569 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows attackers to cause a denial of service. | |||||
| CVE-2021-40567 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service. | |||||
| CVE-2021-40566 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of service. | |||||
| CVE-2021-40565 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service. | |||||
| CVE-2021-40564 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service. | |||||
| CVE-2021-40563 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service. | |||||
| CVE-2021-40562 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service. | |||||
| CVE-2021-40559 | 1 Gpac | 1 Gpac | 2022-01-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service. | |||||
| CVE-2021-46045 | 1 Gpac | 1 Gpac | 2022-01-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC 1.0.1 is affected by: Abort failed. The impact is: cause a denial of service (context-dependent). | |||||