Filtered by vendor Gpac
Subscriptions
Total
346 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-7752 | 3 Canonical, Debian, Gpac | 3 Ubuntu Linux, Debian Linux, Gpac | 2024-11-21 | N/A |
| GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100. | ||||
| CVE-2018-21017 | 1 Gpac | 1 Gpac | 2024-11-21 | 6.5 Medium |
| GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c. | ||||
| CVE-2018-21016 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 6.5 Medium |
| audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. | ||||
| CVE-2018-21015 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | 6.5 Medium |
| AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL. | ||||
| CVE-2018-20760 | 3 Canonical, Debian, Gpac | 3 Ubuntu Linux, Debian Linux, Gpac | 2024-11-21 | N/A |
| In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled. | ||||
| CVE-2018-13006 | 3 Canonical, Debian, Gpac | 3 Ubuntu Linux, Debian Linux, Gpac | 2024-11-21 | N/A |
| An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump. | ||||
| CVE-2018-13005 | 3 Canonical, Debian, Gpac | 3 Ubuntu Linux, Debian Linux, Gpac | 2024-11-21 | N/A |
| An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read. | ||||
| CVE-2023-4679 | 1 Gpac | 1 Gpac | 2024-11-19 | 5.9 Medium |
| A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-free condition, which may cause the application to crash. | ||||
| CVE-2023-37767 | 1 Gpac | 1 Gpac | 2024-11-14 | 5.5 Medium |
| GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so. | ||||
| CVE-2023-50120 | 1 Gpac | 1 Gpac | 2024-11-14 | 5.5 Medium |
| MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. | ||||
| CVE-2023-37174 | 1 Gpac | 1 Gpac | 2024-11-08 | 5.5 Medium |
| GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c. | ||||
| CVE-2023-37766 | 1 Gpac | 1 Gpac | 2024-11-08 | 5.5 Medium |
| GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_isom_remove_user_data function at /lib/libgpac.so. | ||||
| CVE-2023-37765 | 1 Gpac | 1 Gpac | 2024-11-08 | 5.5 Medium |
| GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so. | ||||
| CVE-2021-4043 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-08 | 5.5 Medium |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 1.1.0. | ||||
| CVE-2023-3523 | 1 Gpac | 1 Gpac | 2024-11-06 | 7.1 High |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-48958 | 1 Gpac | 1 Gpac | 2024-10-09 | 5.5 Medium |
| gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589. | ||||
| CVE-2023-39562 | 1 Gpac | 1 Gpac | 2024-10-02 | 5.5 Medium |
| GPAC v2.3-DEV-rev449-g5948e4f70-master was discovered to contain a heap-use-after-free via the gf_bs_align function at bitstream.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted file. | ||||
| CVE-2023-4778 | 1 Gpac | 1 Gpac | 2024-09-27 | 5.5 Medium |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | ||||
| CVE-2023-41000 | 1 Gpac | 1 Gpac | 2024-09-26 | 5.5 Medium |
| GPAC through 2.2.1 has a use-after-free vulnerability in the function gf_bifs_flush_command_list in bifs/memory_decoder.c. | ||||
| CVE-2024-6061 | 1 Gpac | 1 Gpac | 2024-09-25 | 3.3 Low |
| A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_read.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of the patch is 20c0f29139a82779b86453ce7f68d0681ec7624c. It is recommended to apply a patch to fix this issue. The identifier VDB-268789 was assigned to this vulnerability. | ||||