Total
351 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-20171 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2025-03-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC version 0.5.2 and 0.9.0-development-20191109. There are memory leaks in metx_New in isomedia/box_code_base.c and abst_Read in isomedia/box_code_adobe.c. | |||||
| CVE-2024-50664 | 1 Gpac | 1 Gpac | 2025-02-11 | N/A | 7.8 HIGH |
| gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box. | |||||
| CVE-2024-50665 | 1 Gpac | 1 Gpac | 2025-02-11 | N/A | 5.5 MEDIUM |
| gpac 2.4 contains a SEGV at src/isomedia/drm_sample.c:1562:96 in isom_cenc_get_sai_by_saiz_saio in MP4Box. | |||||
| CVE-2024-6064 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been declared as problematic. This vulnerability affects the function xmt_node_end of the file src/scene_manager/loader_xmt.c of the component MP4Box. The manipulation leads to use after free. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is f4b3e4d2f91bc1749e7a924a8ab171af03a355a8/c1b9c794bad8f262c56f3cf690567980d96662f5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-268792. | |||||
| CVE-2024-6063 | 1 Gpac | 1 Gpac | 2024-11-21 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmx_on_event of the file src/filters/dmx_m2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8767ed0a77c4b02287db3723e92c2169f67c85d5. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-268791. | |||||
| CVE-2024-6062 | 1 Gpac | 1 Gpac | 2024-11-21 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of the file src/filters/load_text.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 31e499d310a48bd17c8b055a0bfe0fe35887a7cd. It is recommended to apply a patch to fix this issue. VDB-268790 is the identifier assigned to this vulnerability. | |||||
| CVE-2024-6061 | 1 Gpac | 1 Gpac | 2024-11-21 | 1.7 LOW | 3.3 LOW |
| A vulnerability has been found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this vulnerability is the function isoffin_process of the file src/filters/isoffin_read.c of the component MP4Box. The manipulation leads to infinite loop. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of the patch is 20c0f29139a82779b86453ce7f68d0681ec7624c. It is recommended to apply a patch to fix this issue. The identifier VDB-268789 was assigned to this vulnerability. | |||||
| CVE-2024-0322 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 9.1 CRITICAL |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2024-0321 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-5998 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.5 HIGH |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV. | |||||
| CVE-2023-5595 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Denial of Service in GitHub repository gpac/gpac prior to 2.3.0-DEV. | |||||
| CVE-2023-5586 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
| NULL Pointer Dereference in GitHub repository gpac/gpac prior to 2.3.0-DEV. | |||||
| CVE-2023-5377 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.1 HIGH |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to v2.2.2-DEV. | |||||
| CVE-2023-4778 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-4758 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-4756 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-4755 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-4754 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-4722 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||
| CVE-2023-4721 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | |||||