Vulnerabilities (CVE)

Filtered by vendor Axiosys Subscribe
Total 136 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-23912 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service.
CVE-2020-19721 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS).
CVE-2020-19722 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a direct copy to NULL pointer dereference, leading to a denial of service (DOS).
CVE-2020-19718 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
CVE-2019-17452 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump.
CVE-2019-20092 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_EsDescriptor::GetDecoderConfigDescriptor in Ap4EsDescriptor.cpp.
CVE-2019-17530 1 Axiosys 1 Bento4 2024-02-28 6.8 MEDIUM 7.8 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_PrintInspector::AddField in Core/Ap4Atom.cpp when called from AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp, when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
CVE-2019-17454 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.
CVE-2019-17529 1 Axiosys 1 Bento4 2024-02-28 6.8 MEDIUM 7.8 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in AP4_CencSampleEncryption::DoInspectFields in Core/Ap4CommonEncryption.cpp when called from AP4_Atom::Inspect in Core/Ap4Atom.cpp.
CVE-2019-17528 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 7.5 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
CVE-2019-17453 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact.
CVE-2019-20090 1 Axiosys 1 Bento4 2024-02-28 6.8 MEDIUM 7.8 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a use-after-free in AP4_Sample::GetOffset in Core/Ap4Sample.h when called from Ap4LinearReader.cpp.
CVE-2019-20091 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer dereference in AP4_Descriptor::GetTag in mp42ts when called from AP4_DecoderConfigDescriptor::GetDecoderSpecificInfoDescriptor in Ap4DecoderConfigDescriptor.cpp.
CVE-2019-15047 1 Axiosys 1 Bento4 2024-02-28 6.8 MEDIUM 8.8 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.
CVE-2019-15049 1 Axiosys 1 Bento4 2024-02-28 6.8 MEDIUM 8.8 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.
CVE-2019-13238 1 Axiosys 1 Bento4 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When parsing input video, the program allocates a new buffer to parse an atom in the stream. The unhandled memory allocation failure causes a direct copy to a NULL pointer.
CVE-2019-15050 1 Axiosys 1 Bento4 2024-02-28 6.8 MEDIUM 8.8 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp.
CVE-2019-16349 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.
CVE-2019-15048 1 Axiosys 1 Bento4 2024-02-28 6.8 MEDIUM 8.8 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.
CVE-2019-13959 1 Axiosys 1 Bento4 2024-02-28 4.3 MEDIUM 6.5 MEDIUM
In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186.