Total
365 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37767 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so.
|
|||||
| CVE-2023-37766 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_isom_remove_user_data function at /lib/libgpac.so.
|
|||||
| CVE-2023-37765 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so.
|
|||||
| CVE-2023-37174 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c.
|
|||||
| CVE-2023-2840 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 9.8 CRITICAL |
|
NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.2.2.
|
|||||
| CVE-2023-2839 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.5 HIGH |
|
Divide By Zero in GitHub repository gpac/gpac prior to 2.2.2.
|
|||||
| CVE-2023-2838 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 9.1 CRITICAL |
|
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.
|
|||||
| CVE-2023-2837 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.2.
|
|||||
| CVE-2023-1655 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.4.0.
|
|||||
| CVE-2023-1654 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Denial of Service in GitHub repository gpac/gpac prior to 2.4.0.
|
|||||
| CVE-2023-1452 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in GPAC 2.3-DEV-rev35-gbbca86917-master. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file filters/load_text.c. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223297 was assigned to this vulnerability.
|
|||||
| CVE-2023-1449 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of the file media_tools/av_parsers.c. The manipulation leads to double free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-223294 is the identifier assigned to this vulnerability.
|
|||||
| CVE-2023-1448 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The identifier VDB-223293 was assigned to this vulnerability.
|
|||||
| CVE-2023-0866 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV.
|
|||||
| CVE-2023-0841 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.5 HIGH | 6.3 MEDIUM |
|
A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087.
|
|||||
| CVE-2023-0819 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV.
|
|||||
| CVE-2023-0818 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV.
|
|||||
| CVE-2023-0817 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.
|
|||||
| CVE-2023-0770 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.
|
|||||
| CVE-2023-0760 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV.
|
|||||
| CVE-2023-0358 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV.
|
|||||
| CVE-2022-4202 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 6.3 MEDIUM |
|
A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this ...
Show More |
|||||
| CVE-2022-3957 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 4.3 MEDIUM |
|
A vulnerability classified as problematic was found in GPAC. Affected by this vulnerability is the function svg_parse_preserveaspectratio of the file scenegraph/svg_attributes.c of the component SVG Parser. The manipulation leads to memory leak. The attack can be launched remotely. The name of the patch is 2191e66aa7df750e8ef01781b1930bea87b713bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213463.
|
|||||
| CVE-2022-3222 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.
|
|||||
| CVE-2022-3178 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV.
|
|||||
| CVE-2022-38530 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD.
|
|||||
| CVE-2022-36191 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242.
|
|||||
| CVE-2022-36190 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 9.8 CRITICAL |
|
GPAC mp4box 2.1-DEV-revUNKNOWN-master has a use-after-free vulnerability in function gf_isom_dovi_config_get. This vulnerability was fixed in commit fef6242.
|
|||||
| CVE-2022-36186 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.5 HIGH |
|
A Null Pointer dereference vulnerability exists in GPAC 2.1-DEV-revUNKNOWN-master via the function gf_filter_pid_set_property_full () at filter_core/filter_pid.c:5250,which causes a Denial of Service (DoS). This vulnerability was fixed in commit b43f9d1.
|
|||||
| CVE-2022-30976 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.0 MEDIUM | 7.1 HIGH |
|
GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box.
|
|||||
| CVE-2022-2549 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
|
NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1.0-DEV.
|
|||||
| CVE-2022-2454 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV.
|
|||||
| CVE-2022-2453 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
|
Use After Free in GitHub repository gpac/gpac prior to 2.1-DEV.
|
|||||
| CVE-2022-29537 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
gp_rtp_builder_do_hevc in ietf/rtp_pck_mpeg4.c in GPAC 2.0.0 has a heap-based buffer over-read, as demonstrated by MP4Box.
|
|||||
| CVE-2022-29340 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
GPAC 2.1-DEV-rev87-g053aae8-master. has a Null Pointer Dereference vulnerability in gf_isom_parse_movie_boxes_internal due to improper return value handling of GF_SKIP_BOX, which causes a Denial of Service. This vulnerability was fixed in commit 37592ad.
|
|||||
| CVE-2022-29339 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.
|
|||||
| CVE-2022-27148 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow.
|
|||||
| CVE-2022-27147 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag.
|
|||||
| CVE-2022-27146 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag.
|
|||||
| CVE-2022-27145 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.
|
|||||