Filtered by vendor Axiosys
Subscriptions
Total
136 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-17454 | 1 Axiosys | 1 Bento4 | 2024-08-05 | 6.5 Medium |
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info. | ||||
CVE-2019-16349 | 1 Axiosys | 1 Bento4 | 2024-08-05 | 5.5 Medium |
Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class. | ||||
CVE-2019-15048 | 1 Axiosys | 1 Bento4 | 2024-08-05 | N/A |
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp. | ||||
CVE-2019-15050 | 1 Axiosys | 1 Bento4 | 2024-08-05 | N/A |
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp. | ||||
CVE-2019-15049 | 1 Axiosys | 1 Bento4 | 2024-08-05 | N/A |
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp. | ||||
CVE-2019-15047 | 1 Axiosys | 1 Bento4 | 2024-08-05 | N/A |
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp. | ||||
CVE-2019-13959 | 1 Axiosys | 1 Bento4 | 2024-08-05 | N/A |
In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186. | ||||
CVE-2019-13238 | 1 Axiosys | 1 Bento4 | 2024-08-04 | N/A |
An issue was discovered in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When parsing input video, the program allocates a new buffer to parse an atom in the stream. The unhandled memory allocation failure causes a direct copy to a NULL pointer. | ||||
CVE-2019-9544 | 1 Axiosys | 1 Bento4 | 2024-08-04 | N/A |
An issue was discovered in Bento4 1.5.1-628. An out of bounds write occurs in AP4_CttsTableEntry::AP4_CttsTableEntry() located in Core/Ap4Array.h. It can be triggered by sending a crafted file to (for example) the mp42hls binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | ||||
CVE-2019-8380 | 1 Axiosys | 1 Bento4 | 2024-08-04 | N/A |
An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in AP4_Track::GetSampleIndexForTimeStampMs() located in Core/Ap4Track.cpp. It can triggered by sending a crafted file to the mp4audioclip binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | ||||
CVE-2019-8378 | 1 Axiosys | 1 Bento4 | 2024-08-04 | N/A |
An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over-read exists in AP4_BitStream::ReadBytes() in Codecs/Ap4BitStream.cpp, a similar issue to CVE-2017-14645. It can be triggered by sending a crafted file to the aac2mp4 binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | ||||
CVE-2019-8382 | 1 Axiosys | 1 Bento4 | 2024-08-04 | N/A |
An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereference occurs in the function AP4_List:Find located in Core/Ap4List.h when called from Core/Ap4Movie.cpp. It can be triggered by sending a crafted file to the mp4dump binary. It allows an attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | ||||
CVE-2019-7697 | 1 Axiosys | 1 Bento4 | 2024-08-04 | N/A |
An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42hls. | ||||
CVE-2019-7698 | 1 Axiosys | 1 Bento4 | 2024-08-04 | N/A |
An issue was discovered in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls, a related issue to CVE-2018-20095. | ||||
CVE-2019-7699 | 1 Axiosys | 1 Bento4 | 2024-08-04 | N/A |
A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627. Remote attackers could leverage this vulnerability to cause an exception via crafted mp4 input, which leads to a denial of service. | ||||
CVE-2019-6966 | 1 Axiosys | 1 Bento4 | 2024-08-04 | N/A |
An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in Core/Ap4ElstAtom.cpp has an attempted excessive memory allocation related to AP4_Array<AP4_ElstEntry>::EnsureCapacity in Core/Ap4Array.h, as demonstrated by mp42hls. | ||||
CVE-2020-23912 | 1 Axiosys | 1 Bento4 | 2024-08-04 | 5.5 Medium |
An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service. | ||||
CVE-2020-23330 | 1 Axiosys | 1 Bento4 | 2024-08-04 | 7.5 High |
An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Stz2Atom::GetSampleSize component located in /Core/Ap4Stz2Atom.cpp. It allows an attacker to cause a denial of service (DOS). | ||||
CVE-2020-23334 | 1 Axiosys | 1 Bento4 | 2024-08-04 | 7.5 High |
A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault. | ||||
CVE-2020-23333 | 1 Axiosys | 1 Bento4 | 2024-08-04 | 7.5 High |
A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This can lead to a denial of service (DOS). |