Vendor CVEs
Gpac
All CVEs
420 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-40562 | 0.00 | — | 0.01 | Jan 12, 2022 | A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service. | |||
| CVE-2021-40564 | 0.00 | — | 0.01 | Jan 12, 2022 | A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service. | |||
| CVE-2021-40559 | 0.00 | — | 0.01 | Jan 12, 2022 | A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service. | |||
| CVE-2021-40565 | 0.00 | — | 0.01 | Jan 12, 2022 | A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service. | |||
| CVE-2020-25427 | 0.00 | — | 0.01 | Jan 10, 2022 | A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service. | |||
| CVE-2021-36412 | 0.00 | — | 0.01 | Jan 10, 2022 | A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command, | |||
| CVE-2021-36414 | 0.00 | — | 0.01 | Jan 10, 2022 | A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | |||
| CVE-2021-46047 | 0.00 | — | 0.01 | Jan 7, 2022 | A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_hinter_finalize function. | |||
| CVE-2021-46046 | 0.00 | — | 0.01 | Jan 7, 2022 | A Pointer Derefernce Vulnerbility exists GPAC 1.0.1 the gf_isom_box_size function, which could cause a Denial of Service (context-dependent). | |||
| CVE-2021-46045 | 0.00 | — | 0.01 | Jan 7, 2022 | GPAC 1.0.1 is affected by: Abort failed. The impact is: cause a denial of service (context-dependent). | |||
| CVE-2021-46051 | 0.00 | — | 0.01 | Jan 7, 2022 | A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the Media_IsSelfContained function, which could cause a Denial of Service. . | |||
| CVE-2021-46049 | 0.00 | — | 0.01 | Jan 7, 2022 | A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which could cause a Denial of Service. | |||
| CVE-2021-46041 | 0.00 | — | 0.01 | Jan 6, 2022 | A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service. | |||
| CVE-2021-46043 | 0.00 | — | 0.01 | Jan 6, 2022 | A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service. | |||
| CVE-2021-46044 | 0.00 | — | 0.01 | Jan 6, 2022 | A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent). | |||
| CVE-2021-46040 | 0.00 | — | 0.01 | Jan 6, 2022 | A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Servie (context-dependent). | |||
| CVE-2021-46042 | 0.00 | — | 0.01 | Jan 6, 2022 | A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service. | |||
| CVE-2021-46039 | 0.00 | — | 0.01 | Jan 6, 2022 | A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent). | |||
| CVE-2021-46038 | 0.00 | — | 0.01 | Jan 5, 2022 | A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent). | |||
| CVE-2021-45831 | 0.00 | — | 0.01 | Jan 5, 2022 | A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Box via __strlen_avx2, which causes a Denial of Service. | |||
| CVE-2021-45266 | 0.00 | — | 0.01 | Dec 22, 2021 | A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault and application crash. | |||
| CVE-2021-45260 | 0.00 | — | 0.01 | Dec 22, 2021 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the lsr_read_id.part function, which causes a segmentation fault and application crash. | |||
| CVE-2021-45259 | 0.00 | — | 0.01 | Dec 22, 2021 | An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_node_del function, which causes a segmentation fault and application crash. | |||
| CVE-2021-45258 | 0.00 | — | 0.01 | Dec 22, 2021 | A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_list function, which causes a segmentation fault and application crash. | |||
| CVE-2021-45263 | 0.00 | — | 0.01 | Dec 22, 2021 | An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash. | |||
| CVE-2021-45267 | 0.00 | — | 0.01 | Dec 22, 2021 | An invalid memory address dereference vulnerability exists in gpac 1.1.0 via the svg_node_start function, which causes a segmentation fault and application crash. | |||
| CVE-2021-45262 | 0.00 | — | 0.01 | Dec 22, 2021 | An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application crash. | |||
| CVE-2021-44927 | 0.00 | — | 0.01 | Dec 21, 2021 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_sg_vrml_mf_append function, which causes a segmentation fault and application crash. | |||
| CVE-2021-44926 | 0.00 | — | 0.01 | Dec 21, 2021 | A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, which causes a segmentation fault and application crash. | |||
| CVE-2021-44925 | 0.00 | — | 0.01 | Dec 21, 2021 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash. | |||
| CVE-2021-44924 | 0.00 | — | 0.01 | Dec 21, 2021 | An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service. | |||
| CVE-2021-44923 | 0.00 | — | 0.01 | Dec 21, 2021 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash. | |||
| CVE-2021-44922 | 0.00 | — | 0.01 | Dec 21, 2021 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, which causes a segmentation fault and application crash. | |||
| CVE-2021-44921 | 0.00 | — | 0.01 | Dec 21, 2021 | A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_internal function, which causes a segmentation fault and application crash. | |||
| CVE-2021-44920 | 0.00 | — | 0.01 | Dec 21, 2021 | An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash. | |||
| CVE-2021-44919 | 0.00 | — | 0.01 | Dec 21, 2021 | A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DEV, which causes a segmentation fault and application crash. | |||
| CVE-2021-44918 | 0.00 | — | 0.01 | Dec 21, 2021 | A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash. | |||
| CVE-2021-45289 | 0.00 | — | 0.01 | Dec 21, 2021 | A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL. | |||
| CVE-2021-45288 | 0.00 | — | 0.01 | Dec 21, 2021 | A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of Service via a crafted file in the MP4Box command. | |||
| CVE-2021-45297 | 0.00 | — | 0.01 | Dec 21, 2021 | An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. | |||
| CVE-2021-45291 | 0.00 | — | 0.01 | Dec 21, 2021 | The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | |||
| CVE-2021-45292 | 0.00 | — | 0.01 | Dec 21, 2021 | The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command. | |||
| CVE-2020-22673 | 0.00 | — | 0.01 | Oct 12, 2021 | Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. | |||
| CVE-2020-22675 | 0.00 | — | 0.01 | Oct 12, 2021 | An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. | |||
| CVE-2020-22674 | 0.00 | — | 0.01 | Oct 12, 2021 | An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input. | |||
| CVE-2020-22677 | 0.00 | — | 0.01 | Oct 12, 2021 | An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. | |||
| CVE-2020-22678 | 0.00 | — | 0.01 | Oct 12, 2021 | An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input. | |||
| CVE-2020-22679 | 0.00 | — | 0.01 | Oct 12, 2021 | Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input. | |||
| CVE-2021-41456 | 0.00 | — | 0.01 | Oct 1, 2021 | There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability. | |||
| CVE-2021-41457 | 0.00 | — | 0.01 | Oct 1, 2021 | There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability. |
- CVE-2021-40562Jan 12, 2022risk 0.00cvss —epss 0.01
A Segmentation fault caused by a floating point exception exists in Gpac through 1.0.1 using mp4box via the naludmx_enqueue_or_dispatch function in reframe_nalu.c, which causes a denial of service.
- CVE-2021-40564Jan 12, 2022risk 0.00cvss —epss 0.01
A Segmentation fault caused by null pointer dereference vulnerability eists in Gpac through 1.0.2 via the avc_parse_slice function in av_parsers.c when using mp4box, which causes a denial of service.
- CVE-2021-40559Jan 12, 2022risk 0.00cvss —epss 0.01
A null pointer deference vulnerability exists in gpac through 1.0.1 via the naludmx_parse_nal_avc function in reframe_nalu, which allows a denail of service.
- CVE-2021-40565Jan 12, 2022risk 0.00cvss —epss 0.01
A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gf_avc_parse_nalu function in av_parsers.c when using mp4box, which causes a denial of service.
- CVE-2020-25427Jan 10, 2022risk 0.00cvss —epss 0.01
A Null pointer dereference vulnerability exits in MP4Box - GPAC version 0.8.0-rev177-g51a8ef874-master via the gf_isom_get_track_id function, which causes a denial of service.
- CVE-2021-36412Jan 10, 2022risk 0.00cvss —epss 0.01
A heap-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via the gp_rtp_builder_do_mpeg12_video function, which allows attackers to possibly have unspecified other impact via a crafted file in the MP4Box command,
- CVE-2021-36414Jan 10, 2022risk 0.00cvss —epss 0.01
A heab-based buffer overflow vulnerability exists in MP4Box in GPAC 1.0.1 via media.c, which allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
- CVE-2021-46047Jan 7, 2022risk 0.00cvss —epss 0.01
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_hinter_finalize function.
- CVE-2021-46046Jan 7, 2022risk 0.00cvss —epss 0.01
A Pointer Derefernce Vulnerbility exists GPAC 1.0.1 the gf_isom_box_size function, which could cause a Denial of Service (context-dependent).
- CVE-2021-46045Jan 7, 2022risk 0.00cvss —epss 0.01
GPAC 1.0.1 is affected by: Abort failed. The impact is: cause a denial of service (context-dependent).
- CVE-2021-46051Jan 7, 2022risk 0.00cvss —epss 0.01
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the Media_IsSelfContained function, which could cause a Denial of Service. .
- CVE-2021-46049Jan 7, 2022risk 0.00cvss —epss 0.01
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the gf_fileio_check function, which could cause a Denial of Service.
- CVE-2021-46041Jan 6, 2022risk 0.00cvss —epss 0.01
A Segmentation Fault Vulnerability exists in GPAC 1.0.1 via the co64_box_new function, which causes a Denial of Service.
- CVE-2021-46043Jan 6, 2022risk 0.00cvss —epss 0.01
A Pointer Dereference Vulnerability exits in GPAC 1.0.1 in the gf_list_count function, which causes a Denial of Service.
- CVE-2021-46044Jan 6, 2022risk 0.00cvss —epss 0.01
A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1via ShiftMetaOffset.isra, which causes a Denial of Service (context-dependent).
- CVE-2021-46040Jan 6, 2022risk 0.00cvss —epss 0.01
A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the finplace_shift_moov_meta_offsets function, which causes a Denial of Servie (context-dependent).
- CVE-2021-46042Jan 6, 2022risk 0.00cvss —epss 0.01
A Pointer Dereference Vulnerability exists in GPAC 1.0.1 via the _fseeko function, which causes a Denial of Service.
- CVE-2021-46039Jan 6, 2022risk 0.00cvss —epss 0.01
A Pointer Dereference Vulnerabilty exists in GPAC 1.0.1 via the shift_chunk_offsets.part function, which causes a Denial of Service (context-dependent).
- CVE-2021-46038Jan 5, 2022risk 0.00cvss —epss 0.01
A Pointer Dereference vulnerability exists in GPAC 1.0.1 in unlink_chunk.isra, which causes a Denial of Service (context-dependent).
- CVE-2021-45831Jan 5, 2022risk 0.00cvss —epss 0.01
A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1 in MP4Box via __strlen_avx2, which causes a Denial of Service.
- CVE-2021-45266Dec 22, 2021risk 0.00cvss —epss 0.01
A null pointer dereference vulnerability exists in gpac 1.1.0 via the lsr_read_anim_values_ex function, which causes a segmentation fault and application crash.
- CVE-2021-45260Dec 22, 2021risk 0.00cvss —epss 0.01
A null pointer dereference vulnerability exists in gpac 1.1.0 in the lsr_read_id.part function, which causes a segmentation fault and application crash.
- CVE-2021-45259Dec 22, 2021risk 0.00cvss —epss 0.01
An Invalid pointer reference vulnerability exists in gpac 1.1.0 via the gf_svg_node_del function, which causes a segmentation fault and application crash.
- CVE-2021-45258Dec 22, 2021risk 0.00cvss —epss 0.01
A stack overflow vulnerability exists in gpac 1.1.0 via the gf_bifs_dec_proto_list function, which causes a segmentation fault and application crash.
- CVE-2021-45263Dec 22, 2021risk 0.00cvss —epss 0.01
An invalid free vulnerability exists in gpac 1.1.0 via the gf_svg_delete_attribute_value function, which causes a segmentation fault and application crash.
- CVE-2021-45267Dec 22, 2021risk 0.00cvss —epss 0.01
An invalid memory address dereference vulnerability exists in gpac 1.1.0 via the svg_node_start function, which causes a segmentation fault and application crash.
- CVE-2021-45262Dec 22, 2021risk 0.00cvss —epss 0.01
An invalid free vulnerability exists in gpac 1.1.0 via the gf_sg_command_del function, which causes a segmentation fault and application crash.
- CVE-2021-44927Dec 21, 2021risk 0.00cvss —epss 0.01
A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_sg_vrml_mf_append function, which causes a segmentation fault and application crash.
- CVE-2021-44926Dec 21, 2021risk 0.00cvss —epss 0.01
A null pointer dereference vulnerability exists in gpac 1.1.0-DEV in the gf_node_get_tag function, which causes a segmentation fault and application crash.
- CVE-2021-44925Dec 21, 2021risk 0.00cvss —epss 0.01
A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_svg_get_attribute_name function, which causes a segmentation fault and application crash.
- CVE-2021-44924Dec 21, 2021risk 0.00cvss —epss 0.01
An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log function, which causes a Denial of Service.
- CVE-2021-44923Dec 21, 2021risk 0.00cvss —epss 0.01
A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_dump_vrml_dyn_field.isra function, which causes a segmentation fault and application crash.
- CVE-2021-44922Dec 21, 2021risk 0.00cvss —epss 0.01
A null pointer dereference vulnerability exists in gpac 1.1.0 in the BD_CheckSFTimeOffset function, which causes a segmentation fault and application crash.
- CVE-2021-44921Dec 21, 2021risk 0.00cvss —epss 0.01
A null pointer dereference vulnerability exists in gpac 1.1.0 in the gf_isom_parse_movie_boxes_internal function, which causes a segmentation fault and application crash.
- CVE-2021-44920Dec 21, 2021risk 0.00cvss —epss 0.01
An invalid memory address dereference vulnerability exists in gpac 1.1.0 in the dump_od_to_saf.isra function, which causes a segmentation fault and application crash.
- CVE-2021-44919Dec 21, 2021risk 0.00cvss —epss 0.01
A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_alloc function in gpac 1.1.0-DEV, which causes a segmentation fault and application crash.
- CVE-2021-44918Dec 21, 2021risk 0.00cvss —epss 0.01
A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the gf_node_get_field function, which can cause a segmentation fault and application crash.
- CVE-2021-45289Dec 21, 2021risk 0.00cvss —epss 0.01
A vulnerability exists in GPAC 1.0.1 due to an omission of security-relevant Information, which could cause a Denial of Service. The program terminates with signal SIGKILL.
- CVE-2021-45288Dec 21, 2021risk 0.00cvss —epss 0.01
A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which could cause a Denail of Service via a crafted file in the MP4Box command.
- CVE-2021-45297Dec 21, 2021risk 0.00cvss —epss 0.01
An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size.
- CVE-2021-45291Dec 21, 2021risk 0.00cvss —epss 0.01
The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
- CVE-2021-45292Dec 21, 2021risk 0.00cvss —epss 0.01
The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to cause a denial of service (Invalid memory address dereference) via a crafted file in the MP4Box command.
- CVE-2020-22673Oct 12, 2021risk 0.00cvss —epss 0.01
Memory leak in the senc_Parse function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
- CVE-2020-22675Oct 12, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. The GetGhostNum function in stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
- CVE-2020-22674Oct 12, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. An invalid memory dereference exists in the function FixTrackID located in isom_intern.c, which allows attackers to cause a denial of service (DoS) via a crafted input.
- CVE-2020-22677Oct 12, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. The dump_data_hex function in box_dump.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
- CVE-2020-22678Oct 12, 2021risk 0.00cvss —epss 0.01
An issue was discovered in gpac 0.8.0. The gf_media_nalu_remove_emulation_bytes function in av_parsers.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted input.
- CVE-2020-22679Oct 12, 2021risk 0.00cvss —epss 0.01
Memory leak in the sgpd_parse_entry function in MP4Box in gpac 0.8.0 allows attackers to cause a denial of service (DoS) via a crafted input.
- CVE-2021-41456Oct 1, 2021risk 0.00cvss —epss 0.01
There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1004 in the nhmldmx_send_sample() function szXmlTo parameter which leads to a denial of service vulnerability.
- CVE-2021-41457Oct 1, 2021risk 0.00cvss —epss 0.01
There is a stack buffer overflow in MP4Box 1.1.0 at src/filters/dmx_nhml.c in nhmldmx_init_parsing which leads to a denial of service vulnerability.
Page 6 of 9