Filtered by vendor Gpac
Subscribe
Total
292 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-3012 | 1 Gpac | 1 Gpac | 2023-06-06 | N/A | 7.8 HIGH |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2. | |||||
| CVE-2023-3013 | 1 Gpac | 1 Gpac | 2023-06-06 | N/A | 7.1 HIGH |
| Unchecked Return Value in GitHub repository gpac/gpac prior to 2.2.2. | |||||
| CVE-2021-40565 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service. | |||||
| CVE-2021-46041 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service. | |||||
| CVE-2021-40566 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Segmentation fault casued by heap use after free vulnerability exists in Gpac through 1.0.1 via the mpgviddmx_process function in reframe_mpgvid.c when using mp4box, which causes a denial of service. | |||||
| CVE-2021-36417 | 1 Gpac | 1 Gpac | 2023-05-27 | 6.8 MEDIUM | 7.8 HIGH |
| A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-46044 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent). | |||||
| CVE-2021-45262 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-36414 | 1 Gpac | 1 Gpac | 2023-05-27 | 6.8 MEDIUM | 7.8 HIGH |
| A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
| CVE-2021-45292 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | |||||
| CVE-2021-46042 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service. | |||||
| CVE-2021-41457 | 1 Gpac | 1 Mp4box | 2023-05-27 | 5.0 MEDIUM | 7.5 HIGH |
| There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. | |||||
| CVE-2021-40592 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To exploit, the victim must open a specially crafted mp4 file. | |||||
| CVE-2021-21852 | 1 Gpac | 1 Gpac | 2023-05-27 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss” decoder can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacker can convince a user to open a video to trigger this vulnerability. | |||||
| CVE-2021-33364 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||||
| CVE-2021-46043 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service. | |||||
| CVE-2021-45263 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash. | |||||
| CVE-2021-46040 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Servie (context-dependent). | |||||
| CVE-2021-45831 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Box via __strlen_avx2, which causes a Denial of Service. | |||||
| CVE-2021-45760 | 1 Gpac | 1 Gpac | 2023-05-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC v1.1.0 was discovered to contain an invalid memory address dereference via the function gf_list_last(). This vulnerability allows attackers to cause a Denial of Service (DoS). | |||||