Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Gopro Subscribe
Total 20 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-16161 1 Gopro 1 Gpmf-parser 2020-10-29 5.0 MEDIUM 7.5 HIGH
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData(). Parsing malicious input can result in a crash.
CVE-2020-16160 1 Gopro 1 Gpmf-parser 2020-10-29 5.0 MEDIUM 7.5 HIGH
GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress(). Parsing malicious input can result in a crash.
CVE-2020-16159 1 Gopro 1 Gpmf-parser 2020-10-29 6.4 MEDIUM 9.1 CRITICAL
GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GPMF_ScaledData(). Parsing malicious input can result in a crash or information disclosure.
CVE-2020-16158 1 Gopro 1 Gpmf-parser 2020-10-22 6.8 MEDIUM 8.8 HIGH
GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE(). Parsing malicious input can result in a crash or potentially arbitrary code execution.
CVE-2019-20086 1 Gopro 1 Gpmf-parser 2020-01-08 6.8 MEDIUM 8.8 HIGH
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_Next in GPMF_parser.c.
CVE-2019-20087 1 Gopro 1 Gpmf-parser 2020-01-08 6.8 MEDIUM 8.8 HIGH
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_seekToSamples in GPMF-parse.c for the "matching tags" feature.
CVE-2019-20088 1 Gopro 1 Gpmf-parser 2020-01-07 6.8 MEDIUM 7.8 HIGH
GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GetPayload in GPMF_mp4reader.c.
CVE-2019-20089 1 Gopro 1 Gpmf-parser 2020-01-07 6.8 MEDIUM 7.8 HIGH
GoPro GPMF-parser 1.2.3 has an heap-based buffer over-read in GPMF_SeekToSamples in GPMF_parse.c for the size calculation.
CVE-2018-13026 1 Gopro 1 Gpmf-parser 2019-10-02 7.5 HIGH 9.8 CRITICAL
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Type.
CVE-2019-15148 1 Gopro 1 Gpmf-parser 2019-08-22 4.3 MEDIUM 6.5 MEDIUM
GoPro GPMF-parser 1.2.2 has an out-of-bounds write in OpenMP4Source in demo/GPMF_mp4reader.c.
CVE-2019-15147 1 Gopro 1 Gpmf-parser 2019-08-22 4.3 MEDIUM 6.5 MEDIUM
GoPro GPMF-parser 1.2.2 has an out-of-bounds read and SEGV in GPMF_Next in GPMF_parser.c.
CVE-2019-15146 1 Gopro 1 Gpmf-parser 2019-08-22 4.3 MEDIUM 6.5 MEDIUM
GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 bytes) in GPMF_Next in GPMF_parser.c.
CVE-2018-18699 1 Gopro 1 Gpmf-parser 2018-12-06 6.8 MEDIUM 8.8 HIGH
An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of-bounds write in OpenMP4Source in GPMF_mp4reader.c.
CVE-2018-18190 1 Gopro 1 Gpmf-parser 2018-11-23 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a divide-by-zero error in GPMF_ScaledData in GPMF_parser.c.
CVE-2018-13011 1 Gopro 1 Gpmf-parser 2018-08-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Validate.
CVE-2018-13009 1 Gopro 1 Gpmf-parser 2018-08-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check).
CVE-2018-13008 1 Gopro 1 Gpmf-parser 2018-08-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level.
CVE-2018-13007 1 Gopro 1 Gpmf-parser 2018-08-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check).
CVE-2014-6434 1 Gopro 2 Gopro Hero, Gopro Hero Firmware 2014-10-08 10.0 HIGH N/A
gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary commands via a the (1) a1 or (2) a2 parameter in a restart action.
CVE-2014-6433 1 Gopro 2 Gopro Hero, Gopro Hero Firmware 2014-10-08 10.0 HIGH N/A
gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary files via a the (1) a1 or (2) a2 parameter in a start action.