Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Axiosys Subscribe
Total 127 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-41841 1 Axiosys 1 Bento4 2022-10-03 N/A 5.5 MEDIUM
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_File::ParseStream in Core/Ap4File.cpp, which is called from AP4_File::AP4_File.
CVE-2022-41847 1 Axiosys 1 Bento4 2022-10-03 N/A 5.5 MEDIUM
An issue was discovered in Bento4 1.6.0-639. A memory leak exists in AP4_StdcFileByteStream::Create(AP4_FileByteStream*, char const*, AP4_FileByteStream::Mode, AP4_ByteStream*&) in System/StdC/Ap4StdCFileByteStream.cpp.
CVE-2022-41846 1 Axiosys 1 Bento4 2022-10-03 N/A 5.5 MEDIUM
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in the function AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp.
CVE-2022-41429 1 Axiosys 1 Bento4 2022-10-03 N/A 8.8 HIGH
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag.
CVE-2022-41430 1 Axiosys 1 Bento4 2022-10-03 N/A 8.8 HIGH
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux.
CVE-2022-40774 1 Axiosys 1 Bento4 2022-09-21 N/A 5.5 MEDIUM
An issue was discovered in Bento4 through 1.6.0-639. There is a NULL pointer dereference in AP4_StszAtom::GetSampleSize.
CVE-2022-40775 1 Axiosys 1 Bento4 2022-09-21 N/A 5.5 MEDIUM
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields.
CVE-2022-40439 1 Axiosys 1 Bento4 2022-09-19 N/A 6.5 MEDIUM
An memory leak issue was discovered in AP4_StdcFileByteStream::Create in mp42ts in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file.
CVE-2022-40438 1 Axiosys 1 Bento4 2022-09-19 N/A 6.5 MEDIUM
Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file.
CVE-2022-40738 1 Axiosys 1 Bento4 2022-09-19 N/A 6.5 MEDIUM
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, called from AP4_EsDescriptor::WriteFields and AP4_Expandable::Write.
CVE-2022-40737 1 Axiosys 1 Bento4 2022-09-19 N/A 6.5 MEDIUM
An issue was discovered in Bento4 through 1.6.0-639. A buffer over-read exists in the function AP4_StdcFileByteStream::WritePartial located in System/StdC/Ap4StdCFileByteStream.cpp, called from AP4_ByteStream::Write and AP4_HdlrAtom::WriteFields.
CVE-2022-40736 1 Axiosys 1 Bento4 2022-09-19 N/A 6.5 MEDIUM
An issue was discovered in Bento4 1.6.0-639. There ie excessive memory consumption in AP4_CttsAtom::Create in Core/Ap4CttsAtom.cpp.
CVE-2022-35165 1 Axiosys 1 Bento4 2022-08-22 N/A 5.5 MEDIUM
An issue in AP4_SgpdAtom::AP4_SgpdAtom() of Bento4-1.6.0-639 allows attackers to cause a Denial of Service (DoS) via a crafted mp4 input.
CVE-2021-40943 1 Axiosys 1 Bento4 2022-07-07 4.3 MEDIUM 5.5 MEDIUM
In Bento4 1.6.0-638, there is a null pointer reference in the function AP4_DescriptorListInspector::Action function in Ap4Descriptor.h:124 , as demonstrated by GPAC. This can cause a denial of service (DOS).
CVE-2021-40941 1 Axiosys 1 Bento4 2022-07-07 5.0 MEDIUM 7.5 HIGH
In Bento4 1.6.0-638, there is an allocator is out of memory in the function AP4_Array<AP4_TrunAtom::Entry>::EnsureCapacity in Ap4Array.h:172, as demonstrated by GPAC. This can cause a denial of service (DOS).
CVE-2022-31287 1 Axiosys 1 Bento4 2022-06-17 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Bento4 v1.2. There is an allocation size request error in /Ap4RtpAtom.cpp.
CVE-2022-31285 1 Axiosys 1 Bento4 2022-06-17 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Bento4 1.2. The allocator is out of memory in /Source/C++/Core/Ap4Array.h.
CVE-2022-31282 1 Axiosys 1 Bento4 2022-06-17 4.3 MEDIUM 5.5 MEDIUM
Bento4 MP4Dump v1.2 was discovered to contain a segmentation violation via an unknown address at /Source/C++/Core/Ap4DataBuffer.cpp:175.
CVE-2022-29017 1 Axiosys 1 Bento4 2022-05-24 4.3 MEDIUM 5.5 MEDIUM
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S.
CVE-2022-27607 1 Axiosys 1 Bento4 2022-03-29 5.8 MEDIUM 8.1 HIGH
Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531.