Filtered by vendor Gpac
Subscriptions
Filtered by product Gpac
Subscriptions
Total
344 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-40574 | 1 Gpac | 1 Gpac | 2025-03-05 | 7.8 High |
| The binary MP4Box in Gpac from 0.9.0-preview to 1.0.1 has a double-free vulnerability in the gf_text_get_utf8_line function in load_text.c, which allows attackers to cause a denial of service, even code execution and escalation of privileges. | ||||
| CVE-2021-30022 | 1 Gpac | 1 Gpac | 2025-03-05 | 5.5 Medium |
| There is a integer overflow in media_tools/av_parsers.c in the gf_avc_read_pps_bs_internal in GPAC from 0.5.2 to 1.0.1. pps_id may be a negative number, so it will not return. However, avc->pps only has 255 unit, so there is an overflow, which results a crash. | ||||
| CVE-2021-30014 | 1 Gpac | 1 Gpac | 2025-03-05 | 5.5 Medium |
| There is a integer overflow in media_tools/av_parsers.c in the hevc_parse_slice_segment function in GPAC from v0.9.0-preview to 1.0.1 which results in a crash. | ||||
| CVE-2020-24829 | 1 Gpac | 1 Gpac | 2025-03-05 | 5.5 Medium |
| An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file. | ||||
| CVE-2019-20208 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2025-03-05 | 5.5 Medium |
| dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has a stack-based buffer overflow. | ||||
| CVE-2019-20171 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2025-03-04 | 5.5 Medium |
| An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. There are memory leaks in metx_New in isomedia/box_code_base.c and abst_Read in isomedia/box_code_adobe.c. | ||||
| CVE-2023-1448 | 1 Gpac | 1 Gpac | 2025-02-26 | 5.3 Medium |
| A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223293 was assigned to this vulnerability. | ||||
| CVE-2023-1654 | 1 Gpac | 1 Gpac | 2025-02-19 | 7.8 High |
| Denial of Service in GitHub repository gpac/gpac prior to 2.4.0. | ||||
| CVE-2023-1655 | 1 Gpac | 1 Gpac | 2025-02-19 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0. | ||||
| CVE-2023-0841 | 1 Gpac | 1 Gpac | 2025-02-13 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087. | ||||
| CVE-2024-50664 | 1 Gpac | 1 Gpac | 2025-02-11 | 7.8 High |
| gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box. | ||||
| CVE-2024-50665 | 1 Gpac | 1 Gpac | 2025-02-11 | 5.5 Medium |
| gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_sai_by_saiz_saio in MP4Box. | ||||
| CVE-2023-2840 | 1 Gpac | 1 Gpac | 2025-01-21 | 9.8 Critical |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-2839 | 1 Gpac | 1 Gpac | 2025-01-21 | 7.5 High |
| Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-2838 | 1 Gpac | 1 Gpac | 2025-01-21 | 9.1 Critical |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-2837 | 1 Gpac | 1 Gpac | 2025-01-21 | 5.5 Medium |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-3013 | 1 Gpac | 1 Gpac | 2025-01-09 | 7.1 High |
| Unchecked Return Value in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-3012 | 1 Gpac | 1 Gpac | 2025-01-09 | 7.8 High |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2023-3291 | 1 Gpac | 1 Gpac | 2024-12-17 | 3.3 Low |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2. | ||||
| CVE-2024-6064 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.3 Medium |
| A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been declared as problematic. This vulnerability affects the function xmt_node_end of the file src/scene_manager/loader_xmt.c of the component MP4Box. The manipulation leads to use after free. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is f4b3e4d2f91bc1749e7a924a8ab171af03a355a8/c1b9c794bad8f262c56f3cf690567980d96662f5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-268792. | ||||