Filtered by vendor Gpac
Subscribe
Total
341 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-23267 | 1 Gpac | 1 Gpac | 2023-12-10 | 5.8 MEDIUM | 7.1 HIGH |
An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file | |||||
CVE-2021-45289 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL. | |||||
CVE-2021-33365 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||||
CVE-2021-32137 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||||
CVE-2021-33361 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | |||||
CVE-2020-22679 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. | |||||
CVE-2021-45297 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. | |||||
CVE-2021-44923 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash. | |||||
CVE-2021-40569 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The binary MP4Box in Gpac through 1.0.1 has a double-free vulnerability in the iloc_entry_del funciton in box_code_meta.c, which allows attackers to cause a denial of service. | |||||
CVE-2021-44920 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash. | |||||
CVE-2021-45291 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | |||||
CVE-2021-40564 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service. | |||||
CVE-2021-41457 | 1 Gpac | 1 Mp4box | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. | |||||
CVE-2020-22674 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input. | |||||
CVE-2021-45263 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash. | |||||
CVE-2021-44926 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, which causes a segmentation fault and application crash. | |||||
CVE-2021-40572 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service. | |||||
CVE-2021-32132 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The abst_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. | |||||
CVE-2021-36412 | 1 Gpac | 1 Gpac | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command, | |||||
CVE-2021-32135 | 1 Gpac | 1 Gpac | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command. |