Total
127 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41841 | 1 Axiosys | 1 Bento4 | 2022-10-03 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File. | |||||
| CVE-2022-41847 | 1 Axiosys | 1 Bento4 | 2022-10-03 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp. | |||||
| CVE-2022-41846 | 1 Axiosys | 1 Bento4 | 2022-10-03 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp. | |||||
| CVE-2022-41429 | 1 Axiosys | 1 Bento4 | 2022-10-03 | N/A | 8.8 HIGH |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag. | |||||
| CVE-2022-41430 | 1 Axiosys | 1 Bento4 | 2022-10-03 | N/A | 8.8 HIGH |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux. | |||||
| CVE-2022-40774 | 1 Axiosys | 1 Bento4 | 2022-09-21 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize. | |||||
| CVE-2022-40775 | 1 Axiosys | 1 Bento4 | 2022-09-21 | N/A | 5.5 MEDIUM |
| An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields. | |||||
| CVE-2022-40439 | 1 Axiosys | 1 Bento4 | 2022-09-19 | N/A | 6.5 MEDIUM |
| An memory leak issue was discovered in AP4_StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. | |||||
| CVE-2022-40438 | 1 Axiosys | 1 Bento4 | 2022-09-19 | N/A | 6.5 MEDIUM |
| Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. | |||||
| CVE-2022-40738 | 1 Axiosys | 1 Bento4 | 2022-09-19 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write. | |||||
| CVE-2022-40737 | 1 Axiosys | 1 Bento4 | 2022-09-19 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields. | |||||
| CVE-2022-40736 | 1 Axiosys | 1 Bento4 | 2022-09-19 | N/A | 6.5 MEDIUM |
| An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp. | |||||
| CVE-2022-35165 | 1 Axiosys | 1 Bento4 | 2022-08-22 | N/A | 5.5 MEDIUM |
| An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input. | |||||
| CVE-2021-40943 | 1 Axiosys | 1 Bento4 | 2022-07-07 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
| CVE-2021-40941 | 1 Axiosys | 1 Bento4 | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS). | |||||
| CVE-2022-31287 | 1 Axiosys | 1 Bento4 | 2022-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp. | |||||
| CVE-2022-31285 | 1 Axiosys | 1 Bento4 | 2022-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h. | |||||
| CVE-2022-31282 | 1 Axiosys | 1 Bento4 | 2022-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175. | |||||
| CVE-2022-29017 | 1 Axiosys | 1 Bento4 | 2022-05-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S. | |||||
| CVE-2022-27607 | 1 Axiosys | 1 Bento4 | 2022-03-29 | 5.8 MEDIUM | 8.1 HIGH |
| Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531. | |||||