Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Gpac Subscribe
Total 281 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-21015 2 Debian, Gpac 2 Debian Linux, Gpac 2023-02-28 4.3 MEDIUM 6.5 MEDIUM
AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL.
CVE-2018-21016 2 Debian, Gpac 2 Debian Linux, Gpac 2023-02-28 4.3 MEDIUM 6.5 MEDIUM
audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.
CVE-2023-0866 1 Gpac 1 Gpac 2023-02-24 N/A 7.8 HIGH
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV.
CVE-2023-0841 1 Gpac 1 Gpac 2023-02-22 N/A 8.8 HIGH
A vulnerability, which was classified as critical, has been found in GPAC 2.3-DEV-rev40-g3602a5ded. This issue affects the function mp3_dmx_process of the file filters/reframe_mp3.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221087.
CVE-2023-0818 1 Gpac 1 Gpac 2023-02-22 N/A 5.5 MEDIUM
Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV.
CVE-2023-0817 1 Gpac 1 Gpac 2023-02-22 N/A 7.8 HIGH
Buffer Over-read in GitHub repository gpac/gpac prior to v2.3.0-DEV.
CVE-2023-0819 1 Gpac 1 Gpac 2023-02-22 N/A 7.8 HIGH
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV.
CVE-2023-0770 1 Gpac 1 Gpac 2023-02-16 N/A 7.8 HIGH
Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.2.
CVE-2023-0760 1 Gpac 1 Gpac 2023-02-16 N/A 7.8 HIGH
Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV.
CVE-2022-4202 1 Gpac 1 Gpac 2023-02-01 N/A 8.8 HIGH
A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is b3d821c4ae9ba62b3a194d9dcb5e99f17bd56908. It is recommended to apply a patch to fix this issue. VDB-214518 is the identifier assigned to this vulnerability.
CVE-2023-23143 1 Gpac 1 Gpac 2023-02-01 N/A 7.8 HIGH
Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master.
CVE-2023-23144 1 Gpac 1 Gpac 2023-02-01 N/A 5.5 MEDIUM
Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC version 2.2-rev0-gab012bbfb-master.
CVE-2023-23145 1 Gpac 1 Gpac 2023-02-01 N/A 7.8 HIGH
GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak in lsr_read_rare_full function.
CVE-2023-0358 1 Gpac 1 Gpac 2023-01-25 N/A 7.8 HIGH
Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV.
CVE-2019-20208 2 Debian, Gpac 2 Debian Linux, Gpac 2023-01-20 4.3 MEDIUM 5.5 MEDIUM
dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based buffer overflow.
CVE-2022-47663 1 Gpac 1 Gpac 2023-01-11 N/A 7.8 HIGH
GPAC MP4box 2.1-DEV-rev649-ga8f438d20 is vulnerable to buffer overflow in h263dmx_process filters/reframe_h263.c:609
CVE-2022-47662 1 Gpac 1 Gpac 2023-01-11 N/A 5.5 MEDIUM
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite recursion in Media_GetSample isomedia/media.c:662
CVE-2022-47661 1 Gpac 1 Gpac 2023-01-11 N/A 7.8 HIGH
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes
CVE-2022-47086 1 Gpac 1 Gpac 2023-01-11 N/A 5.5 MEDIUM
GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c
CVE-2022-46490 1 Gpac 1 Gpac 2023-01-11 N/A 5.5 MEDIUM
GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.