Filtered by vendor Gpac Subscriptions
Filtered by product Gpac Subscriptions
Total 341 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-1441 2 Debian, Gpac 2 Debian Linux, Gpac 2024-08-03 7.8 High
MP4Box is a component of GPAC-2.0.0, which is a widely-used third-party package on RPM Fusion. When MP4Box tries to parse a MP4 file, it calls the function `diST_box_read()` to read from video. In this function, it allocates a buffer `str` with fixed length. However, content read from `bs` is controllable by user, so is the length, which causes a buffer overflow.
CVE-2022-1172 1 Gpac 1 Gpac 2024-08-02 5.0 Medium
Null Pointer Dereference Caused Segmentation Fault in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVE-2022-1222 1 Gpac 1 Gpac 2024-08-02 5.5 Medium
Inf loop in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVE-2022-1035 1 Gpac 1 Gpac 2024-08-02 5.5 Medium
Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV.
CVE-2023-50120 1 Gpac 1 Gpac 2024-08-02 5.5 Medium
MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.
CVE-2023-48090 1 Gpac 1 Gpac 2024-08-02 7.1 High
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329.
CVE-2023-48039 1 Gpac 1 Gpac 2024-08-02 5.5 Medium
GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75.
CVE-2023-47465 1 Gpac 1 Gpac 2024-08-02 5.5 Medium
An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c.
CVE-2023-46929 1 Gpac 1 Gpac 2024-08-02 7.5 High
An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in MP4Box in gf_avc_change_vui /afltest/gpac/src/media_tools/av_parsers.c:6872:55 allows attackers to crash the application.
CVE-2023-46932 1 Gpac 1 Gpac 2024-08-02 9.8 Critical
Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box.
CVE-2023-46871 1 Gpac 1 Gpac 2024-08-02 5.3 Medium
GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service.
CVE-2023-37767 1 Gpac 1 Gpac 2024-08-02 5.5 Medium
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so.
CVE-2023-23145 1 Gpac 1 Gpac 2024-08-02 7.8 High
GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in lsr_read_rare_full function.
CVE-2023-23143 1 Gpac 1 Gpac 2024-08-02 7.8 High
Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master.
CVE-2023-23144 1 Gpac 1 Gpac 2024-08-02 5.5 Medium
Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master.
CVE-2023-3291 1 Gpac 1 Gpac 2024-08-02 3.3 Low
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.
CVE-2023-3012 1 Gpac 1 Gpac 2024-08-02 7.8 High
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2.
CVE-2023-3013 1 Gpac 1 Gpac 2024-08-02 7.1 High
Unchecked Return Value in GitHub repository gpac/gpac prior to 2.2.2.
CVE-2023-2839 1 Gpac 1 Gpac 2024-08-02 7.5 High
Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2.
CVE-2023-2837 1 Gpac 1 Gpac 2024-08-02 5.5 Medium
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.