VYPR

Vendor CVEs

Gpac

All CVEs

420 total · sorted by risk
  • CVE-2021-41459Oct 1, 2021
    risk 0.00cvss epss 0.01

    There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_nhml.c:1008 in the nhmldmx_send_sample() function szXmlFrom parameter which leads to a denial of service vulnerability.

  • CVE-2020-23269Sep 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac 0.8.0. The stbl_GetSampleSize function in isomedia/stbl_read.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.

  • CVE-2020-23266Sep 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac 0.8.0. The OD_ReadUTF8String function in odf_code.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file.

  • CVE-2020-23267Sep 21, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac 0.8.0. The gf_hinter_track_process function in isom_hinter_track_process.c has a heap-based buffer overflow which can lead to a denial of service (DOS) via a crafted media file

  • CVE-2021-32271Sep 20, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac through 20200801. A stack-buffer-overflow exists in the function DumpRawUIConfig located in odf_dump.c. It allows an attacker to cause code Execution.

  • CVE-2021-32268Sep 20, 2021
    risk 0.00cvss epss 0.01

    Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac before 1.0.1 allows attackers to execute arbitrary code. The fixed version is 1.0.1.

  • CVE-2021-32270Sep 20, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function vwid_box_del located in box_code_base.c. It allows an attacker to cause Denial of Service.

  • CVE-2021-32269Sep 20, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac through 20200801. A NULL pointer dereference exists in the function ilst_item_box_dump located in box_dump.c. It allows an attacker to cause Denial of Service.

  • CVE-2021-32139Sep 13, 2021
    risk 0.00cvss epss 0.01

    The gf_isom_vp_config_get function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-32138Sep 13, 2021
    risk 0.00cvss epss 0.01

    The DumpTrackInfo function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-33362Sep 13, 2021
    risk 0.00cvss epss 0.01

    Stack buffer overflow in the hevc_parse_vps_extension function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

  • CVE-2021-32132Sep 13, 2021
    risk 0.00cvss epss 0.01

    The abst_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-32135Sep 13, 2021
    risk 0.00cvss epss 0.01

    The trak_box_size function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-32137Sep 13, 2021
    risk 0.00cvss epss 0.01

    Heap buffer overflow in the URL_GetProtocolType function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

  • CVE-2021-32134Sep 13, 2021
    risk 0.00cvss epss 0.01

    The gf_odf_desc_copy function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

  • CVE-2021-32136Sep 13, 2021
    risk 0.00cvss epss 0.01

    Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.

  • CVE-2021-33364Sep 13, 2021
    risk 0.00cvss epss 0.01

    Memory leak in the def_parent_box_new function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.

  • CVE-2021-33363Sep 13, 2021
    risk 0.00cvss epss 0.01

    Memory leak in the infe_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.

  • CVE-2021-33365Sep 13, 2021
    risk 0.00cvss epss 0.01

    Memory leak in the gf_isom_get_root_od function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.

  • CVE-2021-33361Sep 13, 2021
    risk 0.00cvss epss 0.01

    Memory leak in the afra_box_read function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.

  • CVE-2021-33366Sep 13, 2021
    risk 0.00cvss epss 0.01

    Memory leak in the gf_isom_oinf_read_entry function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.

  • CVE-2020-19751Sep 7, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap-based buffer over-read.

  • CVE-2020-19750Sep 7, 2021
    risk 0.00cvss epss 0.01

    An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read.

  • CVE-2021-21850Aug 25, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “trun” FOURCC…

  • CVE-2021-21848Aug 25, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The library will actually reuse the parser for atoms with the “stsz” FOURCC code when parsing atoms that use the “stz2”…

  • CVE-2021-21849Aug 25, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “tfra” FOURCC…

  • CVE-2021-21841Aug 25, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when reading an atom using the 'sbgp' FOURCC code can cause an integer overflow due to unchecked…

  • CVE-2021-21842Aug 25, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when processing an atom using the 'ssix' FOURCC code, due to…

  • CVE-2021-21840Aug 25, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input used to process an atom using the “saio” FOURCC code cause an integer overflow due to…

  • CVE-2021-21836Aug 25, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input using the “ctts” FOURCC code can cause an integer overflow due to unchecked arithmetic…

  • CVE-2021-21834Aug 25, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom for the “co64” FOURCC can cause an integer overflow due to unchecked…

  • CVE-2021-21835Aug 25, 2021
    risk 0.00cvss epss 0.01

    An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom associated with the “csgp” FOURCC can cause an integer overflow due…

  • CVE-2021-21862Aug 18, 2021
    risk 0.00cvss epss 0.01

    Multiple exploitable integer truncation vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that…

  • CVE-2021-21858Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a…

  • CVE-2021-21857Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a…

  • CVE-2021-21856Aug 18, 2021
    risk 0.00cvss epss 0.01

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a…

  • CVE-2021-21855Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a…

  • CVE-2021-21854Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a…

  • CVE-2021-21853Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked addition arithmetic resulting in a…

  • CVE-2021-21839Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based…

  • CVE-2021-21838Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based…

  • CVE-2021-21837Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based…

  • CVE-2021-21844Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when encountering an atom using the “stco” FOURCC code, can cause an integer overflow…

  • CVE-2021-21843Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based…

  • CVE-2021-21846Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stsz” decoder can cause an integer overflow due to unchecked arithmetic resulting…

  • CVE-2021-21847Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input in “stts” decoder can cause an integer overflow due to unchecked arithmetic resulting…

  • CVE-2021-21851Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “csgp” decoder sample group description indices can cause an integer overflow due…

  • CVE-2021-21852Aug 18, 2021
    risk 0.00cvss epss 0.02

    Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input at “stss” decoder can cause an integer overflow due to unchecked arithmetic resulting…

  • CVE-2021-21861Aug 16, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. When processing the 'hdlr' FOURCC code, a specially crafted MPEG-4 input can cause an improper memory allocation resulting in a…

  • CVE-2021-21860Aug 16, 2021
    risk 0.00cvss epss 0.02

    An exploitable integer truncation vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an improper memory allocation resulting in a heap-based buffer overflow that causes…

Page 7 of 9