Filtered by vendor Axiosys
Subscribe
Search
Total
36 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3812 | 1 Axiosys | 1 Bento4 | 2023-12-28 | N/A | 6.5 MEDIUM |
| A vulnerability was found in Axiomatic Bento4. It has been rated as problematic. Affected by this issue is the function AP4_ContainerAtom::AP4_ContainerAtom of the component mp4encrypt. The manipulation leads to memory leak. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-212678 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-38666 | 1 Axiosys | 1 Bento4 | 2023-08-28 | N/A | 5.5 MEDIUM |
| Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4encrypt. | |||||
| CVE-2022-40736 | 1 Axiosys | 1 Bento4 | 2023-08-08 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp. | |||||
| CVE-2020-19721 | 1 Axiosys | 1 Bento4 | 2022-07-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS). | |||||
| CVE-2021-40943 | 1 Axiosys | 1 Bento4 | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
| CVE-2022-31287 | 1 Axiosys | 1 Bento4 | 2022-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp. | |||||
| CVE-2022-31285 | 1 Axiosys | 1 Bento4 | 2022-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h. | |||||
| CVE-2022-31282 | 1 Axiosys | 1 Bento4 | 2022-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175. | |||||
| CVE-2022-29017 | 1 Axiosys | 1 Bento4 | 2022-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S. | |||||
| CVE-2020-21066 | 1 Axiosys | 1 Bento4 | 2021-08-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 v1.5.1.0. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42aac. | |||||
| CVE-2021-35307 | 1 Axiosys | 1 Bento4 | 2021-08-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS). | |||||
| CVE-2021-35306 | 1 Axiosys | 1 Bento4 | 2021-08-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located in Ap4StszAtom.cpp. It allows an attacker to cause a denial of service (DOS). | |||||
| CVE-2020-23912 | 1 Axiosys | 1 Bento4 | 2021-04-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service. | |||||
| CVE-2019-6966 | 1 Axiosys | 1 Bento4 | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in Core/Ap4ElstAtom.cpp has an attempted excessive memory allocation related to AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h, as demonstrated by mp42hls. | |||||
| CVE-2019-7699 | 1 Axiosys | 1 Bento4 | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted mp4 input, which leads to a denial of service. | |||||
| CVE-2019-7698 | 1 Axiosys | 1 Bento4 | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls, a related issue to CVE-2018-20095. | |||||
| CVE-2019-7697 | 1 Axiosys | 1 Bento4 | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42hls. | |||||
| CVE-2019-20091 | 1 Axiosys | 1 Bento4 | 2020-01-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp. | |||||
| CVE-2019-20092 | 1 Axiosys | 1 Bento4 | 2020-01-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp. | |||||
| CVE-2019-17452 | 1 Axiosys | 1 Bento4 | 2019-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump. | |||||
| CVE-2019-17454 | 1 Axiosys | 1 Bento4 | 2019-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info. | |||||
| CVE-2019-17453 | 1 Axiosys | 1 Bento4 | 2019-10-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact. | |||||
| CVE-2018-14445 | 1 Axiosys | 1 Bento4 | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file. | |||||
| CVE-2018-20659 | 1 Axiosys | 1 Bento4 | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation when called from AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp, as demonstrated by mp42hls. | |||||
| CVE-2018-20409 | 1 Axiosys | 1 Bento4 | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls. | |||||
| CVE-2018-20408 | 1 Axiosys | 1 Bento4 | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.cpp, as demonstrated by mp42hls. | |||||
| CVE-2018-20407 | 1 Axiosys | 1 Bento4 | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42hls. | |||||
| CVE-2018-20095 | 1 Axiosys | 1 Bento4 | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls. | |||||
| CVE-2019-16349 | 1 Axiosys | 1 Bento4 | 2019-09-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class. | |||||
| CVE-2019-13959 | 1 Axiosys | 1 Bento4 | 2019-07-19 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186. | |||||
| CVE-2018-20186 | 1 Axiosys | 1 Bento4 | 2019-01-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadData in Core/Ap4Sample.cpp allows attackers to trigger an attempted excessive memory allocation, related to AP4_DataBuffer::SetDataSize and AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp. | |||||
| CVE-2018-20502 | 1 Axiosys | 1 Bento4 | 2019-01-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.5.1-627. There is an attempt at excessive memory allocation in the AP4_DataBuffer class when called from AP4_HvccAtom::Create in Core/Ap4HvccAtom.cpp. | |||||
| CVE-2018-14545 | 1 Axiosys | 1 Bento4 | 2018-09-19 | 4.3 MEDIUM | 5.5 MEDIUM |
| There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts. | |||||
| CVE-2018-14543 | 1 Axiosys | 1 Bento4 | 2018-09-19 | 4.3 MEDIUM | 5.5 MEDIUM |
| There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump. | |||||
| CVE-2017-12475 | 1 Axiosys | 1 Bento4 | 2018-09-19 | 4.3 MEDIUM | 5.5 MEDIUM |
| The AP4_Processor::Process function in Core/Ap4Processor.cpp in Bento4 mp4encrypt before 1.5.0-616 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted mp4 file. | |||||
| CVE-2018-14544 | 1 Axiosys | 1 Bento4 | 2018-09-19 | 4.3 MEDIUM | 5.5 MEDIUM |
| There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts. | |||||