Vulnerabilities (CVE)

Filtered by vendor Axiosys Subscribe
Total 136 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-27607 1 Axiosys 1 Bento4 2024-02-28 5.8 MEDIUM 8.1 HIGH
Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.
CVE-2022-31282 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175.
CVE-2021-40941 1 Axiosys 1 Bento4 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS).
CVE-2022-31287 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp.
CVE-2022-29017 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S.
CVE-2021-40943 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS).
CVE-2022-31285 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h.
CVE-2021-32265 1 Axiosys 1 Bento4 2024-02-28 6.8 MEDIUM 8.8 HIGH
An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.
CVE-2020-23333 1 Axiosys 1 Bento4 2024-02-28 5.0 MEDIUM 7.5 HIGH
A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This can lead to a denial of service (DOS).
CVE-2021-35307 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).
CVE-2021-35306 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located in Ap4StszAtom.cpp. It allows an attacker to cause a denial of service (DOS).
CVE-2018-10790 1 Axiosys 1 Bento4 2024-02-28 5.0 MEDIUM 7.5 HIGH
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
CVE-2020-19717 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An unhandled memory allocation failure in Core/Ap48bdlAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
CVE-2020-21066 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Bento4 v1.5.1.0. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42aac.
CVE-2020-19719 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 1.5.1-628 leads to a denial of service (DOS).
CVE-2020-23332 1 Axiosys 1 Bento4 2024-02-28 5.0 MEDIUM 7.5 HIGH
A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS).
CVE-2020-23331 1 Axiosys 1 Bento4 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_DescriptorListWriter::Action component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).
CVE-2020-23334 1 Axiosys 1 Bento4 2024-02-28 5.0 MEDIUM 7.5 HIGH
A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault.
CVE-2020-19720 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
CVE-2020-23330 1 Axiosys 1 Bento4 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Stz2Atom::GetSampleSize component located in /Core/Ap4Stz2Atom.cpp. It allows an attacker to cause a denial of service (DOS).