Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Axiosys Subscribe
Total 127 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-32265 1 Axiosys 1 Bento4 2021-09-29 6.8 MEDIUM 8.8 HIGH
An issue was discovered in Bento4 through v1.6.0-637. A global-buffer-overflow exists in the function AP4_MemoryByteStream::WritePartial() located in Ap4ByteStream.cpp. It allows an attacker to cause code execution or information disclosure.
CVE-2018-10790 1 Axiosys 1 Bento4 2021-08-30 5.0 MEDIUM 7.5 HIGH
The AP4_CttsAtom class in Core/Ap4CttsAtom.cpp in Bento4 1.5.1.0 allows remote attackers to cause a denial of service (application crash), related to a memory allocation failure, as demonstrated by mp2aac.
CVE-2020-23334 1 Axiosys 1 Bento4 2021-08-25 5.0 MEDIUM 7.5 HIGH
A WRITE memory access in the AP4_NullTerminatedStringAtom::AP4_NullTerminatedStringAtom component of Bento4 version 06c39d9 can lead to a segmentation fault.
CVE-2020-23333 1 Axiosys 1 Bento4 2021-08-25 5.0 MEDIUM 7.5 HIGH
A heap-based buffer overflow exists in the AP4_CttsAtom::AP4_CttsAtom component located in /Core/Ap4Utils.h of Bento4 version 06c39d9. This can lead to a denial of service (DOS).
CVE-2020-23331 1 Axiosys 1 Bento4 2021-08-25 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_DescriptorListWriter::Action component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).
CVE-2020-23330 1 Axiosys 1 Bento4 2021-08-25 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Bento4 version 06c39d9. A NULL pointer dereference exists in the AP4_Stz2Atom::GetSampleSize component located in /Core/Ap4Stz2Atom.cpp. It allows an attacker to cause a denial of service (DOS).
CVE-2020-21066 1 Axiosys 1 Bento4 2021-08-23 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Bento4 v1.5.1.0. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42aac.
CVE-2021-35307 1 Axiosys 1 Bento4 2021-08-12 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).
CVE-2021-35306 1 Axiosys 1 Bento4 2021-08-12 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the function AP4_StszAtom::WriteFields located in Ap4StszAtom.cpp. It allows an attacker to cause a denial of service (DOS).
CVE-2020-19722 1 Axiosys 1 Bento4 2021-07-15 4.3 MEDIUM 6.5 MEDIUM
An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a direct copy to NULL pointer dereference, leading to a denial of service (DOS).
CVE-2020-19717 1 Axiosys 1 Bento4 2021-07-15 4.3 MEDIUM 6.5 MEDIUM
An unhandled memory allocation failure in Core/Ap48bdlAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
CVE-2020-19718 1 Axiosys 1 Bento4 2021-07-15 4.3 MEDIUM 6.5 MEDIUM
An unhandled memory allocation failure in Core/Ap4Atom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
CVE-2020-19719 1 Axiosys 1 Bento4 2021-07-15 4.3 MEDIUM 6.5 MEDIUM
A buffer overflow vulnerability in Ap4ElstAtom.cpp of Bento 1.5.1-628 leads to a denial of service (DOS).
CVE-2020-19720 1 Axiosys 1 Bento4 2021-07-15 4.3 MEDIUM 6.5 MEDIUM
An unhandled memory allocation failure in Core/AP4IkmsAtom.cpp of Bento 1.5.1-628 causes a NULL pointer dereference, leading to a denial of service (DOS).
CVE-2020-23912 1 Axiosys 1 Bento4 2021-04-26 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer dereference exists in the function AP4_StszAtom::GetSampleSize() located in Ap4StszAtom.cpp. It allows an attacker to cause Denial of Service.
CVE-2019-7697 1 Axiosys 1 Bento4 2020-08-24 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Bento4 v1.5.1-627. There is an assertion failure in AP4_AtomListWriter::Action in Core/Ap4Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42hls.
CVE-2019-13238 1 Axiosys 1 Bento4 2020-08-24 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Bento4 1.5.1.0. A memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes. When parsing input video, the program allocates a new buffer to parse an atom in the stream. The unhandled memory allocation failure causes a direct copy to a NULL pointer.
CVE-2019-15048 1 Axiosys 1 Bento4 2020-08-24 6.8 MEDIUM 8.8 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffer overflow in the AP4_RtpAtom class at Core/Ap4RtpAtom.cpp.
CVE-2019-17528 1 Axiosys 1 Bento4 2020-08-24 4.3 MEDIUM 7.5 HIGH
An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the function AP4_TfhdAtom::SetDefaultSampleSize at Core/Ap4TfhdAtom.h when called from AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
CVE-2019-6132 1 Axiosys 1 Bento4 2020-08-24 5.0 MEDIUM 7.5 HIGH
An issue was discovered in Bento4 v1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp when called from the AP4_EsdsAtom class in Core/Ap4EsdsAtom.cpp, as demonstrated by mp42aac.