Filtered by vendor Gpac
Subscribe
Total
341 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46927 | 1 Gpac | 1 Gpac | 2024-09-12 | N/A | 5.5 MEDIUM |
| GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box. | |||||
| CVE-2023-46930 | 1 Gpac | 1 Gpac | 2024-09-06 | N/A | 5.5 MEDIUM |
| GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14. | |||||
| CVE-2023-46931 | 1 Gpac | 1 Gpac | 2024-09-06 | N/A | 5.5 MEDIUM |
| GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in gpac/MP4Box. | |||||
| CVE-2023-46928 | 1 Gpac | 1 Gpac | 2024-09-06 | N/A | 5.5 MEDIUM |
| GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:42. | |||||
| CVE-2023-46001 | 1 Gpac | 1 Gpac | 2024-09-05 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data. | |||||
| CVE-2023-47384 | 1 Gpac | 1 Gpac | 2024-09-03 | N/A | 5.5 MEDIUM |
| MP4Box GPAC v2.3-DEV-rev617-g671976fcc-master was discovered to contain a memory leak in the function gf_isom_add_chapter at /isomedia/isom_write.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file. | |||||
| CVE-2023-48011 | 1 Gpac | 1 Gpac | 2024-08-29 | N/A | 7.8 HIGH |
| GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c. | |||||
| CVE-2023-0841 | 1 Gpac | 1 Gpac | 2024-05-28 | 7.5 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087. | |||||
| CVE-2024-24267 | 1 Gpac | 1 Gpac | 2024-05-28 | N/A | 7.5 HIGH |
| gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob variable in the gf_fileio_from_blob function. | |||||
| CVE-2023-1452 | 1 Gpac | 1 Gpac | 2024-05-17 | 4.3 MEDIUM | 7.8 HIGH |
| A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223297 was assigned to this vulnerability. | |||||
| CVE-2023-1449 | 1 Gpac | 1 Gpac | 2024-05-17 | 4.3 MEDIUM | 7.8 HIGH |
| A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-1448 | 1 Gpac | 1 Gpac | 2024-05-17 | 4.3 MEDIUM | 7.8 HIGH |
| A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223293 was assigned to this vulnerability. | |||||
| CVE-2024-0321 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2024-24265 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 7.5 HIGH |
| gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the gf_filter_pid_merge_properties_internal function. | |||||
| CVE-2024-0322 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 9.1 CRITICAL |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-5998 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 7.5 HIGH |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. | |||||
| CVE-2023-48090 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 7.1 HIGH |
| GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329. | |||||
| CVE-2023-47465 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 5.5 MEDIUM |
| An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c. | |||||
| CVE-2024-24266 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 7.5 HIGH |
| gpac v2.2.1 was discovered to contain a Use-After-Free (UAF) vulnerability via the dasher_configure_pid function at /src/filters/dasher.c. | |||||
| CVE-2023-46929 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 7.5 HIGH |
| An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in MP4Box in gf_avc_change_vui /afltest/gpac/src/media_tools/av_parsers.c:6872:55 allows attackers to crash the application. | |||||