Total
156 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-17528 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
|
|||||
| CVE-2019-17454 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demonstrated by mp4info.
|
|||||
| CVE-2019-17453 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4encrypt or mp4compact.
|
|||||
| CVE-2019-17452 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListInspector::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::InspectFields in Core/Ap4IodsAtom.cpp, as demonstrated by mp4dump.
|
|||||
| CVE-2019-16349 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::ReadUI32 in Core/Ap4ByteStream.cpp when called from the AP4_TrunAtom class.
|
|||||
| CVE-2019-15050 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_AvccAtom class at Core/Ap4AvccAtom.cpp.
|
|||||
| CVE-2019-15049 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the AP4_Dec3Atom class at Core/Ap4Dec3Atom.cpp.
|
|||||
| CVE-2019-15048 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.
|
|||||
| CVE-2019-15047 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer over-read in the function AP4_BitReader::SkipBits at Core/Ap4Utils.cpp.
|
|||||
| CVE-2019-13959 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reallocation failures, leading to a memory copy into a NULL pointer. This is different from CVE-2018-20186.
|
|||||
| CVE-2019-13238 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When parsing input video, the program allocates a new buffer to parse an atom in the stream. The unhandled memory allocation failure causes a direct copy to a NULL pointer.
|
|||||
| CVE-2018-5253 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling.
|
|||||
| CVE-2018-20659 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation when called from AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp, as demonstrated by mp42hls.
|
|||||
| CVE-2018-20502 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Bento4 1.5.1-627. There is an attempt at excessive memory allocation in the AP4_DataBuffer class when called from AP4_HvccAtom::Create in Core/Ap4HvccAtom.cpp.
|
|||||
| CVE-2018-20409 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls.
|
|||||
| CVE-2018-20408 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.cpp, as demonstrated by mp42hls.
|
|||||
| CVE-2018-20407 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42hls.
|
|||||
| CVE-2018-20186 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadData in Core/Ap4Sample.cpp allows attackers to trigger an attempted excessive memory allocation, related to AP4_DataBuffer::SetDataSize and AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp.
|
|||||
| CVE-2018-20095 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls.
|
|||||
| CVE-2018-14590 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
|
|||||
| CVE-2018-14589 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.
|
|||||
| CVE-2018-14588 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.
|
|||||
| CVE-2018-14587 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.
|
|||||
| CVE-2018-14586 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532.
|
|||||
| CVE-2018-14585 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.
|
|||||
| CVE-2018-14584 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read.
|
|||||
| CVE-2018-14545 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
|
|||||
| CVE-2018-14544 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts.
|
|||||
| CVE-2018-14543 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump.
|
|||||
| CVE-2018-14532 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846.
|
|||||
| CVE-2018-14531 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Bento4 1.5.1-624. There is an unspecified "heap-buffer-overflow" crash in the AP4_HvccAtom class in Core/Ap4HvccAtom.cpp.
|
|||||
| CVE-2018-14445 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file.
|
|||||
| CVE-2018-13848 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp.
|
|||||
| CVE-2018-13847 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp.
|
|||||
| CVE-2018-13846 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read after a call from Mp42Ts.cpp, a related issue to CVE-2018-14532.
|
|||||
| CVE-2018-10790 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
|
|||||