Filtered by vendor Gpac
Subscribe
Search
Total
234 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41457 | 1 Gpac | 1 Mp4box | 2021-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. | |||||
| CVE-2021-41459 | 1 Gpac | 1 Mp4box | 2021-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability. | |||||
| CVE-2021-32268 | 1 Gpac | 1 Gpac | 2021-10-07 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1. | |||||
| CVE-2021-32271 | 1 Gpac | 1 Gpac | 2021-10-02 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution. | |||||
| CVE-2021-32270 | 1 Gpac | 1 Gpac | 2021-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-32269 | 1 Gpac | 1 Gpac | 2021-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2020-23269 | 1 Gpac | 1 Gpac | 2021-10-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file. | |||||
| CVE-2020-23267 | 1 Gpac | 1 Gpac | 2021-09-29 | 5.8 MEDIUM | 7.1 HIGH |
| An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file | |||||
| CVE-2020-23266 | 1 Gpac | 1 Gpac | 2021-09-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in gpac 0.8.0. The OD_ReadUTF8String function in odf_code.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file. | |||||
| CVE-2021-32139 | 1 Gpac | 1 Gpac | 2021-09-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-32138 | 1 Gpac | 1 Gpac | 2021-09-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-33366 | 1 Gpac | 1 Gpac | 2021-09-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||||
| CVE-2021-33364 | 1 Gpac | 1 Gpac | 2021-09-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||||
| CVE-2021-33362 | 1 Gpac | 1 Gpac | 2021-09-23 | 6.8 MEDIUM | 7.8 HIGH |
| Stack buffer overflow in the hevc_parse_vps_extension function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-32134 | 1 Gpac | 1 Gpac | 2021-09-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_odf_desc_copy function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-32137 | 1 Gpac | 1 Gpac | 2021-09-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-32136 | 1 Gpac | 1 Gpac | 2021-09-22 | 6.8 MEDIUM | 7.8 HIGH |
| Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-32135 | 1 Gpac | 1 Gpac | 2021-09-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-32132 | 1 Gpac | 1 Gpac | 2021-09-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| The abst_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-32438 | 1 Gpac | 1 Gpac | 2021-08-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-32440 | 1 Gpac | 1 Gpac | 2021-08-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| The Media_RewriteODFrame function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-32439 | 1 Gpac | 1 Gpac | 2021-08-16 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the stbl_AppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-32437 | 1 Gpac | 1 Gpac | 2021-08-16 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-36584 | 1 Gpac | 1 Gpac | 2021-08-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS). | |||||
| CVE-2020-24829 | 1 Gpac | 1 Gpac | 2021-08-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file. | |||||
| CVE-2020-22352 | 1 Gpac | 1 Gpac | 2021-08-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2020-19488 | 1 Gpac | 1 Gpac | 2021-07-31 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0, allows attackers to cause a Denial of Service due to an invalid read on function ilst_item_Read. | |||||
| CVE-2020-19481 | 1 Gpac | 1 Gpac | 2021-07-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid memory read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file. | |||||
| CVE-2019-11221 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in media_import.c. | |||||
| CVE-2019-20159 | 1 Gpac | 1 Gpac | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a memory leak in dinf_New() in isomedia/box_code_base.c. | |||||
| CVE-2019-11222 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overflow issue for the crypt feature when encountering a crafted_drm_file.xml file. | |||||
| CVE-2020-35982 | 1 Gpac | 1 Gpac | 2021-04-23 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function gf_hinter_track_finalize() in media_tools/isom_hinter.c. | |||||
| CVE-2020-35981 | 1 Gpac | 1 Gpac | 2021-04-23 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an invalid pointer dereference in the function SetupWriters() in isomedia/isom_store.c. | |||||
| CVE-2020-35980 | 1 Gpac | 1 Gpac | 2021-04-23 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is a use-after-free in the function gf_isom_box_del() in isomedia/box_funcs.c. | |||||
| CVE-2020-35979 | 1 Gpac | 1 Gpac | 2021-04-23 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c. | |||||
| CVE-2020-23930 | 1 Gpac | 1 Gpac | 2021-04-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function nhmldump_send_header located in write_nhml.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2020-23932 | 1 Gpac | 1 Gpac | 2021-04-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in gpac before 1.0.1. A NULL pointer dereference exists in the function dump_isom_sdp located in filedump.c. It allows an attacker to cause Denial of Service. | |||||
| CVE-2021-31254 | 1 Gpac | 1 Gpac | 2021-04-22 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes. | |||||
| CVE-2021-31257 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-31255 | 1 Gpac | 1 Gpac | 2021-04-21 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-31261 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_hinter_track_new function in GPAC 1.0.1 allows attackers to read memory via a crafted file in the MP4Box command. | |||||
| CVE-2021-31260 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The MergeTrack function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-31259 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_isom_cenc_get_default_info_internal function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-31258 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_isom_set_extraction_slc function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-29279 | 1 Gpac | 1 Gpac | 2021-04-21 | 6.8 MEDIUM | 7.8 HIGH |
| There is a integer overflow in function filter_core/filter_props.c:gf_props_assign_value in GPAC 1.0.1. In which, the arg const GF_PropertyValue *value,maybe value->value.data.size is a negative number. In result, memcpy in gf_props_assign_value failed. | |||||
| CVE-2021-30014 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC 1.0.1 which results in a crash. | |||||
| CVE-2021-30015 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a Null Pointer Dereference in function filter_core/filter_pck.c:gf_filter_pck_new_alloc_internal in GPAC 1.0.1. The pid comes from function av1dmx_parse_flush_sample, the ctx.opid maybe NULL. The result is a crash in gf_filter_pck_new_alloc_internal. | |||||
| CVE-2021-31262 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The AV1_DuplicateConfig function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-30199 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| In filters/reframe_latm.c in GPAC 1.0.1 there is a Null Pointer Dereference, when gf_filter_pck_get_data is called. The first arg pck may be null with a crafted mp4 file,which results in a crash. | |||||
| CVE-2021-30022 | 1 Gpac | 1 Gpac | 2021-04-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 unit, so there is an overflow, which results a crash. | |||||