Filtered by vendor Gpac
Subscriptions
Filtered by product Gpac
Subscriptions
Total
341 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-40607 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| The schm_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | ||||
| CVE-2021-40559 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service. | ||||
| CVE-2021-40562 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service. | ||||
| CVE-2021-40592 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| GPAC version before commit 71460d72ec07df766dab0a4d52687529f3efcf0a (version v1.0.1 onwards) contains loop with unreachable exit condition ('infinite loop') vulnerability in ISOBMFF reader filter, isoffin_read.c. Function isoffin_process() can result in DoS by infinite loop. To exploit, the victim must open a specially crafted mp4 file. | ||||
| CVE-2021-40572 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| The binary MP4Box in Gpac 1.0.1 has a double-free bug in the av1dmx_finalize function in reframe_av1.c, which allows attackers to cause a denial of service. | ||||
| CVE-2021-40576 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| The binary MP4Box in Gpac 1.0.1 has a null pointer dereference vulnerability in the gf_isom_get_payt_count function in hint_track.c, which allows attackers to cause a denial of service. | ||||
| CVE-2021-40565 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service. | ||||
| CVE-2021-40609 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| The GetHintFormat function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command. | ||||
| CVE-2021-40563 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| A Segmentation fault exists casued by null pointer dereference exists in Gpac through 1.0.1 via the naludmx_create_avc_decoder_config function in reframe_nalu.c when using mp4box, which causes a denial of service. | ||||
| CVE-2021-40567 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| Segmentation fault vulnerability exists in Gpac through 1.0.1 via the gf_odf_size_descriptor function in desc_private.c when using mp4box, which causes a denial of service. | ||||
| CVE-2021-40568 | 1 Gpac | 1 Gpac | 2024-08-04 | 7.8 High |
| A buffer overflow vulnerability exists in Gpac through 1.0.1 via a malformed MP4 file in the svc_parse_slice function in av_parsers.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | ||||
| CVE-2021-36584 | 1 Gpac | 1 Gpac | 2024-08-04 | 5.5 Medium |
| An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS). | ||||
| CVE-2021-36417 | 1 Gpac | 1 Gpac | 2024-08-04 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in GPAC v1.0.1 in the gf_isom_dovi_config_get function in MP4Box, which causes a denial of service or execute arbitrary code via a crafted file. | ||||
| CVE-2021-36412 | 1 Gpac | 1 Gpac | 2024-08-04 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command, | ||||
| CVE-2021-36414 | 1 Gpac | 1 Gpac | 2024-08-04 | 7.8 High |
| A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | ||||
| CVE-2021-33364 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33366 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33362 | 1 Gpac | 1 Gpac | 2024-08-03 | 7.8 High |
| Stack buffer overflow in the hevc_parse_vps_extension function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | ||||
| CVE-2021-33363 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||
| CVE-2021-33365 | 1 Gpac | 1 Gpac | 2024-08-03 | 5.5 Medium |
| Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file. | ||||